Class: KryptosSecret

Inherits:
ActiveRecord::Base
  • Object
show all
Defined in:
lib/kryptos/secret.rb

Instance Method Summary collapse

Instance Method Details

#check_gitignoreObject 



27
28
29
30
31
32
 
# File 'lib/kryptos/secret.rb', line 27

def check_gitignore
  return unless Rails.env.development?
  to_ignore = "config/kryptos.rb"
  ignores = IO.read(gitignore_path)
  raise "gitignore must ignore #{to_ignore}" unless ignores =~ /^#{to_ignore}$/
end

#clandestine_operationsObject 



15
16
17
18
19
20
21
22
23
24
25
 
# File 'lib/kryptos/secret.rb', line 15

def clandestine_operations
  check_gitignore
  if File.exists? cleartext_path
    # If the encrypted version is out of date, regenerate it
    enc_mtime = File.exists?(encrypted_path) && File.mtime(encrypted_path)
    encrypt_secrets if !enc_mtime || enc_mtime < File.mtime(cleartext_path)
  else
    decrypt_secrets
  end
  require cleartext_path
end

#cleartext_pathObject 



7
8
9
 
# File 'lib/kryptos/secret.rb', line 7

def cleartext_path
  "#{Rails.root}/config/kryptos.rb"
end

#decrypt_secretsObject 



41
42
43
44
45
46
47
 
# File 'lib/kryptos/secret.rb', line 41

def decrypt_secrets
  Rails.logger.info "kryptos decrypt_secrets"
  cipher = Gibberish::AES.new(secret)
  IO.write(cleartext_path, cipher.decrypt(IO.read(encrypted_path)))
  prev_time = File.mtime(encrypted_path)
  File.utime(prev_time, prev_time, cleartext_path)    # avoid round-trip
end

#encrypt_secretsObject 



34
35
36
37
38
39
 
# File 'lib/kryptos/secret.rb', line 34

def encrypt_secrets
  return unless Rails.env.development?
  Rails.logger.info "kryptos encrypt_secrets"
  cipher = Gibberish::AES.new(secret)
  IO.write(encrypted_path, cipher.encrypt(IO.read(cleartext_path)))
end

#encrypted_pathObject 



11
12
13
 
# File 'lib/kryptos/secret.rb', line 11

def encrypted_path
  "#{cleartext_path}.enc"
end

#gitignore_pathObject 



3
4
5
 
# File 'lib/kryptos/secret.rb', line 3

def gitignore_path
  "#{Rails.root}/.gitignore"
end