
store masterKey

Kieran Gibb 2 years ago
parent
commit
2a9c101a66
No known key found for this signature in database
2 changed files with 41 additions and 16 deletions
  1. 9
    7
      index.js
  2. 32
    9
      test/index.test.js

+ 9
- 7
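--- a/index.js
+++ b/index.js
@@ -4,6 +4,7 @@ const path = require('path')
 const os = require('os')
 const mkdirp = require('mkdirp')
 const logger = require('./logger')
+const crypto = require('cobox-crypto')
 
 const CONFIG_FILE = 'config.yml'
 
@@ -29,10 +30,8 @@ class CoBoxConfig {
   constructor (storage, opts = {}) {
     this.root = storage || path.join(os.homedir(), '.cobox')
     this.storage = path.join(this.root, CONFIG_FILE)
-    this.secrets = path.join(this.root, 'secret_keys')
 
     mkdirp.sync(path.join(this.root, 'logs'))
-    mkdirp.sync(this.secrets)
 
     var config = Object.assign(defaultConfig(), opts.seeds || {})
 
@@ -45,6 +44,14 @@ class CoBoxConfig {
       this.load()
     }
 
+    var masterKeyPath = path.join(this.root, 'master_key')
+    if (!fs.existsSync(masterKeyPath)) {
+      this.masterKey = crypto.masterKey()
+      fs.writeFileSync(masterKeyPath, this.masterKey, { mode: fs.constants.S_IRUSR })
+    } else {
+      this.masterKey = fs.readFileSync(masterKeyPath)
+    }
+
     this.logger = logger(path.join(this.root, 'logs', logfile))
     this.log = this.logger('cobox-config')
 
@@ -81,8 +88,3 @@ class CoBoxConfig {
     }
   }
 }
-
-function storeSecret (location, secret) {
-  fs.writeFileSync(secretKey, Buffer.from(secret))
-  return location
-}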
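Review bot: The master-key creation added to the constructor (third hunk) checks `fs.existsSync(masterKeyPath)` and then writes with the default `'w'` flag, so creation is not atomic: if the path comes into existence between the check and the write, the call opens that existing file, where `mode` is not applied, instead of failing cleanly. Creating the file exclusively closes that window: `fs.writeFileSync(masterKeyPath, this.masterKey, { mode: fs.constants.S_IRUSR, flag: 'wx' })`, with an `EEXIST` error handled by falling through to the read branch. The read branch also accepts whatever bytes are on disk, so an empty or truncated `master_key` would become `this.masterKey` without any error; comparing the buffer length with the size `crypto.masterKey()` returns would catch that. The directory holding the key is created elsewhere (presumably by `mkdirp` with default permissions), and the constructor begins and ends outside this hunk, so neither could be checked here.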

+ 32
- 9
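--- a/test/index.test.js
+++ b/test/index.test.js
@@ -8,20 +8,43 @@ const yaml = require('js-yaml')
 const { tmp, cleanup } = require('./util')
 
 describe('load', (context) => {
-  var storage
-
-  context.beforeEach((c) => {
-    storage = tmp()
+  context('default', (assert, next) => {
+    var storage = tmp()
+    var config = Config(storage)
+    assert.ok(config.groups.list() instanceof Array, 'groups list defaults to empty Array')
+    cleanup(storage, next)
   })
+})
 
-  context.afterEach((c) => {
-    cleanup(storage)
+describe('master_key', (context) => {
+  context('default', (assert, next) => {
+    var storage = tmp()
+    var config = Config(storage)
+
+    var masterKey = config.masterKey
+    assert.ok(masterKey, 'generates a master key')
+
+    fs.readFile(path.join(storage, 'master_key'), (err, data) => {
+      assert.same(Buffer.from(data).toString('hex'), masterKey.toString('hex'), 'keys match')
+
+      fs.writeFile(path.join(storage, 'master_key'), 'Woof Woof', (err) => {
+        assert.ok(err, 'throws an error')
+        assert.ok(err.code, 'EACCES', 'invalid permissions')
+        assert.ok(err.message, `permission denied, open '${storage}'`)
+
+        cleanup(storage, next)
+      })
+    })
   })
 
-  context('default', (assert, next) => {
+  context('reload', (assert, next) => {
+    var storage = tmp()
     var config = Config(storage)
-    assert.ok(config.groups.list() instanceof Array, 'groups list defaults to empty Array')
-    next()
+    var masterKey = config.masterKey
+    config = Config(storage)
+    var key = config.masterKey
+    assert.same(key, masterKey, 'reloads the same master_key')
+    cleanup(storage, next)
   })
 })
 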
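Review bot: The permission assertions in the `master_key` test do not check what their messages claim: assuming `assert.ok` takes (value, message) as in tape and Node's assert, `assert.ok(err.code, 'EACCES', 'invalid permissions')` only tests that `err.code` is truthy, so any write failure passes. Comparing the value is what pins the read-only guarantee on the key file: `assert.same(err.code, 'EACCES', 'invalid permissions')`. The `err.message` line has the same shape, and its expected text names `storage` rather than the `master_key` path that was opened, so it would need `path.join(storage, 'master_key')` if turned into a real comparison. The `err` passed to the `fs.readFile` callback is never checked, and under a privileged user the write would likely succeed, leaving `err` null and `err.code` throwing rather than failing the assertion.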