Add core modules, web frontend, CLI, keystore, and fieldkit

Core: - paths.py: centralized ~/.soosef/ path constants - config.py: JSON config loader with dataclass defaults - exceptions.py: SoosefError hierarchy - cli.py: unified Click CLI wrapping stegasoo + verisoo + native commands Keystore: - manager.py: unified key management (Ed25519 identity + channel keys) - models.py: IdentityInfo, KeystoreStatus dataclasses - export.py: encrypted key bundle export/import for USB transfer Fieldkit: - killswitch.py: ordered emergency data destruction (keys first) - deadman.py: dead man's switch with check-in timer - tamper.py: SHA-256 file integrity baseline + checking - usb_monitor.py: pyudev USB whitelist enforcement - geofence.py: haversine-based GPS boundary checking Web frontend (Flask app factory + blueprints): - app.py: create_app() factory with context processor - blueprints: stego, attest, fieldkit, keys, admin - templates: base.html (dark theme, unified nav), dashboard, all section pages - static: CSS, favicon Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-31 14:30:13 -04:00
parent 06485879d2
commit b8d4eb5933
41 changed files with 2193 additions and 0 deletions
--- a/frontends/web/blueprints/init.py
+++ b/frontends/web/blueprints/init.py
--- a/frontends/web/blueprints/admin.py
+++ b/frontends/web/blueprints/admin.py
@@ -0,0 +1,21 @@
+"""
+Admin blueprint — user management and system settings.
+
+Will be adapted from stegasoo's admin routes in frontends/web/app.py.
+"""
+
+from flask import Blueprint, render_template
+
+bp = Blueprint("admin", __name__, url_prefix="/admin")
+
+
+@bp.route("/users")
+def users():
+    """User management."""
+    return render_template("admin/users.html")
+
+
+@bp.route("/settings")
+def settings():
+    """System settings."""
+    return render_template("admin/settings.html")
--- a/frontends/web/blueprints/attest.py
+++ b/frontends/web/blueprints/attest.py
@@ -0,0 +1,34 @@
+"""
+Attestation blueprint — attest and verify images via Verisoo.
+
+Wraps verisoo's attestation.create_attestation() and
+verification.verify_image() with a web UI.
+"""
+
+from flask import Blueprint, render_template
+
+bp = Blueprint("attest", __name__)
+
+
+@bp.route("/attest", methods=["GET", "POST"])
+def attest():
+    """Create a provenance attestation for an image."""
+    return render_template("attest/attest.html")
+
+
+@bp.route("/verify", methods=["GET", "POST"])
+def verify():
+    """Verify an image against attestation records."""
+    return render_template("attest/verify.html")
+
+
+@bp.route("/attest/record/<record_id>")
+def record(record_id):
+    """View a single attestation record."""
+    return render_template("attest/record.html", record_id=record_id)
+
+
+@bp.route("/attest/log")
+def log():
+    """List recent attestations."""
+    return render_template("attest/log.html")
--- a/frontends/web/blueprints/fieldkit.py
+++ b/frontends/web/blueprints/fieldkit.py
@@ -0,0 +1,49 @@
+"""
+Fieldkit blueprint — killswitch, dead man's switch, status dashboard.
+"""
+
+from flask import Blueprint, flash, redirect, render_template, request, url_for
+
+bp = Blueprint("fieldkit", __name__, url_prefix="/fieldkit")
+
+
+@bp.route("/")
+def status():
+    """Fieldkit status dashboard — all monitors and system health."""
+    from soosef.fieldkit.deadman import DeadmanSwitch
+
+    deadman = DeadmanSwitch()
+    return render_template(
+        "fieldkit/status.html",
+        deadman_status=deadman.status(),
+    )
+
+
+@bp.route("/killswitch", methods=["GET", "POST"])
+def killswitch():
+    """Killswitch arming and firing UI."""
+    if request.method == "POST":
+        action = request.form.get("action")
+        if action == "fire" and request.form.get("confirm") == "CONFIRM-PURGE":
+            from soosef.fieldkit.killswitch import PurgeScope, execute_purge
+
+            result = execute_purge(PurgeScope.ALL, reason="web_ui")
+            flash(
+                f"Purge executed: {len(result.steps_completed)} steps completed, "
+                f"{len(result.steps_failed)} failed",
+                "warning" if result.steps_failed else "success",
+            )
+            return redirect(url_for("fieldkit.status"))
+
+    return render_template("fieldkit/killswitch.html")
+
+
+@bp.route("/deadman/checkin", methods=["POST"])
+def deadman_checkin():
+    """Record a dead man's switch check-in."""
+    from soosef.fieldkit.deadman import DeadmanSwitch
+
+    deadman = DeadmanSwitch()
+    deadman.checkin()
+    flash("Check-in recorded.", "success")
+    return redirect(url_for("fieldkit.status"))
--- a/frontends/web/blueprints/keys.py
+++ b/frontends/web/blueprints/keys.py
@@ -0,0 +1,38 @@
+"""
+Key management blueprint — unified view of all key material.
+"""
+
+from flask import Blueprint, flash, redirect, render_template, request, url_for
+
+bp = Blueprint("keys", __name__, url_prefix="/keys")
+
+
+@bp.route("/")
+def index():
+    """Key management dashboard."""
+    from soosef.keystore import KeystoreManager
+
+    ks = KeystoreManager()
+    return render_template("fieldkit/keys.html", keystore=ks.status())
+
+
+@bp.route("/channel/generate", methods=["POST"])
+def generate_channel():
+    """Generate a new channel key."""
+    from soosef.keystore import KeystoreManager
+
+    ks = KeystoreManager()
+    key = ks.generate_channel_key()
+    flash(f"Channel key generated: {key[:8]}...", "success")
+    return redirect(url_for("keys.index"))
+
+
+@bp.route("/identity/generate", methods=["POST"])
+def generate_identity():
+    """Generate a new Ed25519 identity."""
+    from soosef.keystore import KeystoreManager
+
+    ks = KeystoreManager()
+    info = ks.generate_identity()
+    flash(f"Identity generated: {info.fingerprint[:16]}...", "success")
+    return redirect(url_for("keys.index"))
--- a/frontends/web/blueprints/stego.py
+++ b/frontends/web/blueprints/stego.py
@@ -0,0 +1,35 @@
+"""
+Steganography blueprint — encode, decode, generate, tools.
+
+Routes lifted from stegasoo's frontends/web/app.py. In Phase 1, these
+will be fully implemented by migrating the stegasoo route logic here.
+For now, they render placeholder templates.
+"""
+
+from flask import Blueprint, render_template
+
+bp = Blueprint("stego", __name__)
+
+
+@bp.route("/encode", methods=["GET", "POST"])
+def encode():
+    """Encode a message into a carrier image."""
+    return render_template("stego/encode.html")
+
+
+@bp.route("/decode", methods=["GET", "POST"])
+def decode():
+    """Decode a message from a stego image."""
+    return render_template("stego/decode.html")
+
+
+@bp.route("/generate")
+def generate():
+    """Generate credentials (passphrase, PIN, RSA keys)."""
+    return render_template("stego/generate.html")
+
+
+@bp.route("/tools")
+def tools():
+    """Image analysis and utility tools."""
+    return render_template("stego/tools.html")