@tuskydp/cli 0.2.1 → 0.4.0

package/src/commands/encryption.ts

@@ -1,305 +0,0 @@
-import type { Command } from 'commander';
-import chalk from 'chalk';
-import inquirer from 'inquirer';
-import { getSDKClientFromParent } from '../sdk.js';
-import {
-  deriveMasterKey,
-  computeVerifier,
-  verifyPassphrase,
-  generateSalt,
-  generateMasterKey,
-  generateRecoveryKey,
-  wrapMasterKey,
-  unwrapMasterKey,
-} from '../crypto.js';
-import { storeMasterKey, loadMasterKey, clearSession } from '../lib/keyring.js';
-
-export function registerEncryptionCommands(program: Command) {
-  const encryption = program.command('encryption').description('Manage E2E encryption');
-
-  encryption.command('setup')
-    .description('Set encryption passphrase (first time only)')
-    .action(async () => {
-      const sdk = getSDKClientFromParent(encryption);
-
-      // Check if already set up
-      const { setupComplete } = await sdk.account.getEncryptionParams();
-      if (setupComplete) {
-        console.log(chalk.yellow('Encryption is already set up.'));
-        console.log(chalk.dim('Use: tusky encryption change-passphrase'));
-        return;
-      }
-
-      // Get passphrase
-      const answers = await inquirer.prompt([
-        {
-          type: 'password',
-          name: 'passphrase',
-          message: 'Enter encryption passphrase:',
-          mask: '*',
-          validate: (input: string) => input.length >= 8 || 'Passphrase must be at least 8 characters',
-        },
-        {
-          type: 'password',
-          name: 'confirm',
-          message: 'Confirm passphrase:',
-          mask: '*',
-        },
-      ]);
-
-      if (answers.passphrase !== answers.confirm) {
-        console.error(chalk.red('Passphrases do not match.'));
-        return;
-      }
-
-      // Generate random master key and derive wrapping key from passphrase
-      const masterKey = generateMasterKey();
-      const salt = generateSalt();
-      const wrappingKey = deriveMasterKey(answers.passphrase, salt);
-      const verifier = computeVerifier(wrappingKey);
-
-      // Wrap master key with wrapping key (for passphrase unlock)
-      const encryptedMasterKey = wrapMasterKey(masterKey, wrappingKey);
-
-      // Wrap master key with recovery key (for recovery flow)
-      const recoveryKeyRaw = generateRecoveryKey();
-      const wrappedMasterKeyBackup = wrapMasterKey(masterKey, recoveryKeyRaw);
-      const recoveryKeyBase64 = recoveryKeyRaw.toString('base64');
-
-      // Send to server
-      await sdk.account.setupEncryption({
-        salt: salt.toString('base64'),
-        verifier: verifier.toString('base64'),
-        encryptedMasterKey: encryptedMasterKey.toString('base64'),
-        wrappedMasterKeyBackup: wrappedMasterKeyBackup.toString('base64'),
-      });
-
-      // Store master key in session
-      storeMasterKey(masterKey);
-
-      // Display recovery key
-      console.log('');
-      console.log(chalk.yellow.bold('SAVE YOUR RECOVERY KEY — it will not be shown again:'));
-      console.log('');
-      console.log(chalk.bold(`  ${recoveryKeyBase64}`));
-      console.log('');
-
-      const confirmSaved = await inquirer.prompt([{
-        type: 'confirm',
-        name: 'saved',
-        message: 'Have you saved your recovery key?',
-        default: false,
-      }]);
-
-      if (!confirmSaved.saved) {
-        console.log(chalk.yellow('Please save your recovery key before continuing!'));
-        console.log(chalk.bold(`  ${recoveryKeyBase64}`));
-      }
-
-      console.log(chalk.green('Encryption configured successfully.'));
-    });
-
-  encryption.command('unlock')
-    .description('Unlock encryption for this session')
-    .option('--passphrase <passphrase>', 'Passphrase (non-interactive; also reads TUSKYDP_PASSWORD env var)')
-    .action(async (options: { passphrase?: string }) => {
-      const sdk = getSDKClientFromParent(encryption);
-
-      const { setupComplete, salt, verifier, encryptedMasterKey } = await sdk.account.getEncryptionParams();
-      if (!setupComplete) {
-        console.error(chalk.red('Encryption not set up. Run: tusky encryption setup'));
-        return;
-      }
-
-      // Resolve passphrase: flag > env var > interactive prompt
-      let passphrase = options.passphrase ?? process.env.TUSKYDP_PASSWORD;
-      if (!passphrase) {
-        const answers = await inquirer.prompt([{
-          type: 'password',
-          name: 'passphrase',
-          message: 'Enter encryption passphrase:',
-          mask: '*',
-        }]);
-        passphrase = answers.passphrase as string;
-      }
-
-      const saltBuffer = Buffer.from(salt!, 'base64');
-      const verifierBuffer = Buffer.from(verifier!, 'base64');
-      const wrappingKey = deriveMasterKey(passphrase, saltBuffer);
-
-      if (!verifyPassphrase(wrappingKey, verifierBuffer)) {
-        console.error(chalk.red('Invalid passphrase.'));
-        process.exit(1);
-      }
-
-      // Unwrap the real master key (or fall back to legacy where wrapping key = master key)
-      let masterKey: Buffer;
-      if (encryptedMasterKey) {
-        masterKey = unwrapMasterKey(Buffer.from(encryptedMasterKey, 'base64'), wrappingKey);
-      } else {
-        masterKey = wrappingKey;
-      }
-
-      storeMasterKey(masterKey);
-      console.log(chalk.green('Encryption session unlocked.'));
-    });
-
-  encryption.command('status')
-    .description('Show encryption status')
-    .action(async () => {
-      const sdk = getSDKClientFromParent(encryption);
-      const { setupComplete } = await sdk.account.getEncryptionParams();
-      const sessionActive = loadMasterKey() !== null;
-
-      console.log(`Encryption setup:   ${setupComplete ? chalk.green('Complete') : chalk.yellow('Not set up')}`);
-      console.log(`Session unlocked:   ${sessionActive ? chalk.green('Yes') : chalk.yellow('No')}`);
-    });
-
-  encryption.command('change-passphrase')
-    .description('Change encryption passphrase')
-    .action(async () => {
-      const sdk = getSDKClientFromParent(encryption);
-
-      const { setupComplete, salt, verifier, encryptedMasterKey } = await sdk.account.getEncryptionParams();
-      if (!setupComplete) {
-        console.error(chalk.red('Encryption not set up. Run: tusky encryption setup'));
-        return;
-      }
-
-      const answers = await inquirer.prompt([
-        {
-          type: 'password',
-          name: 'currentPassphrase',
-          message: 'Enter current passphrase:',
-          mask: '*',
-        },
-        {
-          type: 'password',
-          name: 'newPassphrase',
-          message: 'Enter new passphrase:',
-          mask: '*',
-          validate: (input: string) => input.length >= 8 || 'Passphrase must be at least 8 characters',
-        },
-        {
-          type: 'password',
-          name: 'confirmNew',
-          message: 'Confirm new passphrase:',
-          mask: '*',
-        },
-      ]);
-
-      if (answers.newPassphrase !== answers.confirmNew) {
-        console.error(chalk.red('New passphrases do not match.'));
-        return;
-      }
-
-      // Verify current passphrase
-      const currentSalt = Buffer.from(salt!, 'base64');
-      const currentVerifier = Buffer.from(verifier!, 'base64');
-      const currentWrappingKey = deriveMasterKey(answers.currentPassphrase, currentSalt);
-
-      if (!verifyPassphrase(currentWrappingKey, currentVerifier)) {
-        console.error(chalk.red('Invalid current passphrase.'));
-        return;
-      }
-
-      // Unwrap the real master key (or use wrapping key as legacy fallback)
-      let masterKey: Buffer;
-      if (encryptedMasterKey) {
-        masterKey = unwrapMasterKey(Buffer.from(encryptedMasterKey, 'base64'), currentWrappingKey);
-      } else {
-        masterKey = currentWrappingKey;
-      }
-
-      // Derive new wrapping key, re-wrap master key
-      const newSalt = generateSalt();
-      const newWrappingKey = deriveMasterKey(answers.newPassphrase, newSalt);
-      const newVerifier = computeVerifier(newWrappingKey);
-      const newEncryptedMasterKey = wrapMasterKey(masterKey, newWrappingKey);
-
-      // Generate new recovery key and wrap master key with it
-      const newRecoveryKey = generateRecoveryKey();
-      const newWrappedBackup = wrapMasterKey(masterKey, newRecoveryKey);
-
-      await sdk.account.resetEncryption({
-        salt: newSalt.toString('base64'),
-        verifier: newVerifier.toString('base64'),
-        encryptedMasterKey: newEncryptedMasterKey.toString('base64'),
-        wrappedMasterKeyBackup: newWrappedBackup.toString('base64'),
-      });
-
-      storeMasterKey(masterKey);
-
-      console.log(chalk.yellow.bold('NEW RECOVERY KEY (save it!):'));
-      console.log(chalk.bold(`  ${newRecoveryKey.toString('base64')}`));
-      console.log(chalk.green('Passphrase changed successfully.'));
-    });
-
-  encryption.command('recover')
-    .description('Recover master key with recovery key')
-    .action(async () => {
-      const sdk = getSDKClientFromParent(encryption);
-
-      const answers = await inquirer.prompt([
-        {
-          type: 'input',
-          name: 'recoveryKey',
-          message: 'Enter your recovery key (base64):',
-        },
-        {
-          type: 'password',
-          name: 'newPassphrase',
-          message: 'Enter new passphrase:',
-          mask: '*',
-          validate: (input: string) => input.length >= 8 || 'Passphrase must be at least 8 characters',
-        },
-        {
-          type: 'password',
-          name: 'confirmNew',
-          message: 'Confirm new passphrase:',
-          mask: '*',
-        },
-      ]);
-
-      if (answers.newPassphrase !== answers.confirmNew) {
-        console.error(chalk.red('Passphrases do not match.'));
-        return;
-      }
-
-      // Get wrapped master key backup from server
-      const { wrappedMasterKeyBackup } = await sdk.account.getRecoveryData();
-      const wrappedData = Buffer.from(wrappedMasterKeyBackup!, 'base64');
-      const recoveryKeyRaw = Buffer.from(answers.recoveryKey, 'base64');
-
-      let masterKey: Buffer;
-      try {
-        masterKey = unwrapMasterKey(wrappedData, recoveryKeyRaw);
-      } catch {
-        console.error(chalk.red('Invalid recovery key.'));
-        return;
-      }
-
-      // Derive new wrapping key from new passphrase, wrap the RECOVERED master key
-      const newSalt = generateSalt();
-      const newWrappingKey = deriveMasterKey(answers.newPassphrase, newSalt);
-      const newVerifier = computeVerifier(newWrappingKey);
-      const newEncryptedMasterKey = wrapMasterKey(masterKey, newWrappingKey);
-
-      // Generate new recovery key and wrap master key with it
-      const newRecoveryKey = generateRecoveryKey();
-      const newWrappedBackup = wrapMasterKey(masterKey, newRecoveryKey);
-
-      await sdk.account.resetEncryption({
-        salt: newSalt.toString('base64'),
-        verifier: newVerifier.toString('base64'),
-        encryptedMasterKey: newEncryptedMasterKey.toString('base64'),
-        wrappedMasterKeyBackup: newWrappedBackup.toString('base64'),
-      });
-
-      storeMasterKey(masterKey);
-
-      console.log(chalk.yellow.bold('NEW RECOVERY KEY (save it!):'));
-      console.log(chalk.bold(`  ${newRecoveryKey.toString('base64')}`));
-      console.log(chalk.green('Recovery successful. Passphrase reset.'));
-    });
-}

package/src/crypto.ts

@@ -1,130 +0,0 @@
-import {
-  createHash,
-  createHmac,
-  randomBytes,
-  createCipheriv,
-  createDecipheriv,
-  pbkdf2Sync,
-} from 'crypto';
-
-const PBKDF2_ITERATIONS = 600_000;
-const AES_ALGO = 'aes-256-gcm' as const;
-const VERIFIER_CONTEXT = 'tuskydp-key-verifier-v1';
-
-export function deriveMasterKey(passphrase: string, salt: Buffer): Buffer {
-  return pbkdf2Sync(passphrase, salt, PBKDF2_ITERATIONS, 32, 'sha256');
-}
-
-export function computeVerifier(masterKey: Buffer): Buffer {
-  return createHmac('sha256', masterKey)
-    .update(VERIFIER_CONTEXT)
-    .digest();
-}
-
-export function verifyPassphrase(masterKey: Buffer, expectedVerifier: Buffer): boolean {
-  const computed = computeVerifier(masterKey);
-  if (computed.length !== expectedVerifier.length) return false;
-  let diff = 0;
-  for (let i = 0; i < computed.length; i++) diff |= computed[i] ^ expectedVerifier[i];
-  return diff === 0;
-}
-
-export function generateSalt(): Buffer {
-  return randomBytes(16);
-}
-
-export function generateRecoveryKey(): Buffer {
-  return randomBytes(32);
-}
-
-export function generateMasterKey(): Buffer {
-  return randomBytes(32);
-}
-
-export function wrapMasterKey(masterKey: Buffer, recoveryKey: Buffer): Buffer {
-  const wrapIv = randomBytes(12);
-  const cipher = createCipheriv(AES_ALGO, recoveryKey, wrapIv);
-  const wrapped = Buffer.concat([cipher.update(masterKey), cipher.final()]);
-  const tag = cipher.getAuthTag();
-  return Buffer.concat([wrapIv, wrapped, tag]);
-}
-
-export function unwrapMasterKey(wrappedData: Buffer, recoveryKey: Buffer): Buffer {
-  const wrapIv = wrappedData.subarray(0, 12);
-  const wrapped = wrappedData.subarray(12, wrappedData.length - 16);
-  const tag = wrappedData.subarray(wrappedData.length - 16);
-  const decipher = createDecipheriv(AES_ALGO, recoveryKey, wrapIv);
-  decipher.setAuthTag(tag);
-  return Buffer.concat([decipher.update(wrapped), decipher.final()]);
-}
-
-export function encryptBuffer(plaintext: Buffer, masterKey: Buffer): {
-  ciphertext: Buffer;
-  wrappedKey: string;
-  iv: string;
-  plaintextChecksum: string;
-} {
-  // Hash plaintext
-  const plaintextChecksum = createHash('sha256').update(plaintext).digest('hex');
-
-  // Generate random per-file key and IV
-  const fileKey = randomBytes(32);
-  const fileIv = randomBytes(12);
-
-  // Encrypt file
-  const cipher = createCipheriv(AES_ALGO, fileKey, fileIv);
-  const encrypted = Buffer.concat([cipher.update(plaintext), cipher.final()]);
-  const authTag = cipher.getAuthTag();
-  const ciphertext = Buffer.concat([encrypted, authTag]);
-
-  // Wrap file key with master key
-  const wrapIv = randomBytes(12);
-  const wrapCipher = createCipheriv(AES_ALGO, masterKey, wrapIv);
-  const wrappedKeyData = Buffer.concat([wrapCipher.update(fileKey), wrapCipher.final()]);
-  const wrapTag = wrapCipher.getAuthTag();
-  const wrappedKeyFull = Buffer.concat([wrapIv, wrappedKeyData, wrapTag]);
-
-  return {
-    ciphertext,
-    wrappedKey: wrappedKeyFull.toString('base64'),
-    iv: fileIv.toString('base64'),
-    plaintextChecksum,
-  };
-}
-
-export function decryptBuffer(
-  ciphertext: Buffer,
-  wrappedKeyBase64: string,
-  ivBase64: string,
-  masterKey: Buffer,
-  expectedChecksum?: string,
-): Buffer {
-  // Unwrap file key
-  const wrappedKeyFull = Buffer.from(wrappedKeyBase64, 'base64');
-  const wrapIv = wrappedKeyFull.subarray(0, 12);
-  const wrappedKeyData = wrappedKeyFull.subarray(12, wrappedKeyFull.length - 16);
-  const wrapTag = wrappedKeyFull.subarray(wrappedKeyFull.length - 16);
-
-  const unwrapDecipher = createDecipheriv(AES_ALGO, masterKey, wrapIv);
-  unwrapDecipher.setAuthTag(wrapTag);
-  const fileKey = Buffer.concat([unwrapDecipher.update(wrappedKeyData), unwrapDecipher.final()]);
-
-  // Decrypt file
-  const fileIv = Buffer.from(ivBase64, 'base64');
-  const authTag = ciphertext.subarray(ciphertext.length - 16);
-  const encryptedData = ciphertext.subarray(0, ciphertext.length - 16);
-
-  const decipher = createDecipheriv(AES_ALGO, fileKey, fileIv);
-  decipher.setAuthTag(authTag);
-  const plaintext = Buffer.concat([decipher.update(encryptedData), decipher.final()]);
-
-  // Verify integrity
-  if (expectedChecksum) {
-    const actualChecksum = createHash('sha256').update(plaintext).digest('hex');
-    if (actualChecksum !== expectedChecksum) {
-      throw new Error('Integrity check failed — file may be corrupted');
-    }
-  }
-
-  return plaintext;
-}

package/src/lib/keyring.ts

@@ -1,50 +0,0 @@
-import { readFileSync, writeFileSync, mkdirSync, existsSync, unlinkSync } from 'fs';
-import { join } from 'path';
-import { homedir } from 'os';
-import { createCipheriv, createDecipheriv, randomBytes, createHash } from 'crypto';
-
-const SESSION_DIR = join(homedir(), '.tusky');
-const SESSION_FILE = join(SESSION_DIR, 'session.enc');
-
-// Derive a machine-specific key from hostname + user
-function getMachineKey(): Buffer {
-  const machineId = `${homedir()}-tusky-session-key`;
-  return createHash('sha256').update(machineId).digest();
-}
-
-export function storeMasterKey(masterKey: Buffer): void {
-  mkdirSync(SESSION_DIR, { recursive: true, mode: 0o700 });
-  const key = getMachineKey();
-  const iv = randomBytes(12);
-  const cipher = createCipheriv('aes-256-gcm', key, iv);
-  const encrypted = Buffer.concat([cipher.update(masterKey), cipher.final()]);
-  const tag = cipher.getAuthTag();
-  const data = Buffer.concat([iv, tag, encrypted]);
-  writeFileSync(SESSION_FILE, data, { mode: 0o600 });
-}
-
-export function loadMasterKey(): Buffer | null {
-  if (!existsSync(SESSION_FILE)) return null;
-  try {
-    const data = readFileSync(SESSION_FILE);
-    const key = getMachineKey();
-    const iv = data.subarray(0, 12);
-    const tag = data.subarray(12, 28);
-    const encrypted = data.subarray(28);
-    const decipher = createDecipheriv('aes-256-gcm', key, iv);
-    decipher.setAuthTag(tag);
-    return Buffer.concat([decipher.update(encrypted), decipher.final()]);
-  } catch {
-    return null;
-  }
-}
-
-export function clearSession(): void {
-  try {
-    if (existsSync(SESSION_FILE)) {
-      unlinkSync(SESSION_FILE);
-    }
-  } catch {
-    // Ignore
-  }
-}