Class: AuthKeys

Inherits:
Object
  • Object
Defined in:
lib/auth_keys.rb

Constant Summary

KEY_PATH =
"~/.auth_keys"
MASTER_KEY =
"~/.ssh/id_rsa"

Class Method Summary

Class Method Details

.[](key) ⇒ Object



# File 'lib/auth_keys.rb', line 98

# Index-style shorthand for get, so callers can write AuthKeys[key].
#
# @param key [Object] lookup key, forwarded unchanged to get
# @return [Object, nil] whatever get returns for +key+
def [](key)
    get(key)
end

.decrypt ⇒ Object



# File 'lib/auth_keys.rb', line 23

# Rewrites the key file as plaintext when it currently looks encrypted.
#
# Returns nil without touching the file when is_encrypted? reports false.
# After a successful call the decrypted content is what save wrote back to
# KEY_PATH, so the entries stay readable on disk until encrypt is run again.
#
# @return [Object, nil] the result of save, or nil when nothing was done
def decrypt()
    stored = read
    return unless is_encrypted?(stored)
    # Ciphertext is raw bytes; tag it as binary before handing it on.
    ciphertext = stored.force_encoding("ASCII-8BIT")
    # The RSA variant (decrypt_data_by_privkey) is disabled here; the
    # passphrase-based AES path is the one in use.
    plaintext = decrypt_data(ciphertext, master_key_data)
    save(plaintext)
end

.decrypt_data(data, pass) ⇒ Object



# File 'lib/auth_keys.rb', line 31

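# Decrypts a blob laid out as: 8 header bytes, 8 salt bytes, then
# AES-256-CBC ciphertext.
#
# The 8 header bytes are skipped without being checked, so input that does
# not carry the expected header is still processed, using whatever bytes sit
# at offsets 8..15 as the salt.
#
# NOTE(review): key and IV come from Cipher#pkcs5_keyivgen, which the Ruby
# OpenSSL documentation marks as deprecated in favour of OpenSSL::PKCS5; it
# is kept because changing the derivation would make existing files
# unreadable. CBC is used without a MAC, so the only tamper signal is a
# padding failure in #final and modified ciphertext is not reliably detected.
#
# @param data [String] header + salt + ciphertext
# @param pass [String] passphrase the key and IV are derived from
# @return [String] decrypted bytes
# @raise [OpenSSL::Cipher::CipherError] when #final rejects the padding
#   (typically a wrong passphrase or corrupted data)
def decrypt_data(data,pass)
    # String#b returns a binary-tagged copy, so the caller's string keeps its
    # encoding and frozen input is accepted (force_encoding mutated it).
    blob = data.b
    salt = blob[8, 8]
    ciphertext = blob[16, blob.size]
    # OpenSSL::Cipher::Cipher is a deprecated alias of OpenSSL::Cipher.
    cipher = OpenSSL::Cipher.new("AES-256-CBC")
    cipher.decrypt
    cipher.pkcs5_keyivgen(pass, salt)
    cipher.update(ciphertext) + cipher.final
end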

.decrypt_data_by_privkey(data) ⇒ Object



# File 'lib/auth_keys.rb', line 46

# Decrypts +data+ with the RSA private key built by rsautil.
#
# No padding argument is passed, so the library default applies.
# NOTE(review): the default for private_decrypt is PKCS#1 v1.5 padding;
# confirm that is intended before re-enabling this path (the calls to it in
# encrypt/decrypt are commented out).
#
# @param data [String] RSA ciphertext
# @return [String] decrypted bytes
def decrypt_data_by_privkey(data)
    private_key = rsautil
    private_key.private_decrypt(data)
end

.encrypt ⇒ Object



# File 'lib/auth_keys.rb', line 16

# Encrypts the key file in place unless it already looks encrypted.
#
# Returns nil without writing when is_encrypted? reports true. That check is
# a heuristic, so a plaintext file it misclassifies is left unencrypted and
# no error is raised.
#
# @return [Object, nil] the result of save, or nil when nothing was done
def encrypt()
    plaintext = read
    return if is_encrypted?(plaintext)
    # The RSA variant (encrypt_data_by_pubkey) is disabled here; the
    # passphrase-based AES path is the one in use.
    ciphertext = encrypt_data(plaintext, master_key_data)
    save(ciphertext)
end

.encrypt_data(data, pass) ⇒ Object



# File 'lib/auth_keys.rb', line 7

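# Encrypts +data+ with AES-256-CBC under a key and IV derived from +pass+
# and a fresh random 8-byte salt.
#
# Output layout: the literal "Salted__", the 8 salt bytes, then the
# ciphertext.
#
# NOTE(review): key and IV come from Cipher#pkcs5_keyivgen, which the Ruby
# OpenSSL documentation marks as deprecated in favour of OpenSSL::PKCS5; it
# is kept so files written earlier stay readable. The output carries no MAC,
# so readers cannot reliably detect modification.
#
# @param data [String] plaintext to encrypt
# @param pass [String] passphrase the key and IV are derived from
# @return [String] header + salt + ciphertext, binary-tagged
def encrypt_data(data,pass)
    # OpenSSL::Cipher::Cipher is a deprecated alias of OpenSSL::Cipher.
    cipher = OpenSSL::Cipher.new("AES-256-CBC")
    salt = OpenSSL::Random.random_bytes(8)
    cipher.encrypt
    cipher.pkcs5_keyivgen(pass, salt)
    ciphertext = cipher.update(data) + cipher.final
    # Build the result as binary so its encoding does not depend on which
    # salt bytes happened to be drawn.
    "Salted__".b + salt + ciphertext
end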

.encrypt_data_by_pubkey(data) ⇒ Object



# File 'lib/auth_keys.rb', line 43

# Encrypts +data+ with the public half of the RSA key built by rsautil.
#
# No padding argument is passed, so the library default applies.
# NOTE(review): the default for public_encrypt is PKCS#1 v1.5 padding, and
# RSA can only take input shorter than the key modulus; confirm both before
# re-enabling this path (the calls to it in encrypt/decrypt are commented out).
#
# @param data [String] plaintext
# @return [String] RSA ciphertext
def encrypt_data_by_pubkey(data)
    rsa_key = rsautil
    rsa_key.public_encrypt(data)
end

.get(key) ⇒ Object



# File 'lib/auth_keys.rb', line 90

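# Looks up one entry of the table returned by load.
#
# A Regexp key is resolved to the first entry name it matches, in table
# order. A loose pattern can therefore return a different entry than the
# caller had in mind; pass the exact name when that matters.
#
# @param key [String, Regexp] entry name, or a pattern matched against names
# @return [Array, nil] the stored fields for the entry, or nil when no entry
#   matches
def get(key)
    table = load
    if key.is_a?(Regexp)
        # Search the table already in hand; calling keys would read (and,
        # for an encrypted file, decrypt) the store a second time.
        key = table.keys.find { |name| name =~ key }
        return nil unless key
    end
    table[key]
end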

.is_encrypted?(str) ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/auth_keys.rb', line 53

# Heuristic check for whether +str+ is encrypted content.
#
# True when is_salted? recognises the header. Otherwise the string is split
# into characters: if that raises (as it does for text that is not valid in
# its tagged encoding), the content is treated as encrypted.
#
# This is a guess, not a format check. Plaintext that trips either test is
# reported as encrypted, which makes encrypt skip it and makes load try to
# decrypt it.
#
# @param str [String] file content to classify
# @return [Boolean]
def is_encrypted?(str)
    if is_salted?(str)
        true
    else
        begin
            # Only the side effect matters: split raises on undecodable text.
            str.split("")
            false
        rescue
            true
        end
    end
end

.is_salted?(str) ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/auth_keys.rb', line 50

# Reports whether the first eight characters of +str+ contain the
# "Salted__" marker that encrypt_data writes at the start of its output.
#
# @param str [String] content to inspect
# @return [Boolean]
def is_salted?(str)
    case str[0, 8]
    when /Salted__/ then true
    else false
    end
end

.keys ⇒ Object



# File 'lib/auth_keys.rb', line 101

# Lists the entry names of the table returned by load.
#
# Each call goes through load, so the key file is read again (and decrypted
# again when it is encrypted).
#
# @return [Array] entry names in table order
def keys
    table = load
    table.keys
end

.load ⇒ Object



# File 'lib/auth_keys.rb', line 76

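# Reads the key file, decrypting it in memory when it looks encrypted, and
# parses it into a lookup table.
#
# Each non-comment line is split on whitespace: the first token is the entry
# name and the next two tokens are kept as its value. Further tokens are
# dropped, so a field that itself contains whitespace is cut at the first
# space. Lines whose first non-blank character is "#" are comments.
# NOTE(review): the two kept fields are presumably user and password —
# confirm against the file format.
#
# @return [Hash{String => Array}] entry name => [second token, third token]
def load()
    content = read
    content = decrypt_data(content, master_key_data) if is_encrypted?(content)
    rows = content
             .split("\n")
             .map(&:strip)
             # Blank lines used to produce an entry under a nil name; skip
             # them together with comment lines.
             .reject { |line| line.empty? || line.start_with?("#") }
             .map(&:split)
    rows.map { |name, first, second| [name, [first, second]] }.to_h
end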

.master_key_data ⇒ Object



# File 'lib/auth_keys.rb', line 63

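# Returns the raw contents of the file named by MASTER_KEY.
#
# Other methods of this class pass the returned text to encrypt_data and
# decrypt_data as the passphrase, so anyone able to read that file can
# decrypt the store, and replacing the file makes an existing encrypted
# store unreadable.
#
# @return [String] file contents
# @raise [RuntimeError] when the file does not exist
def master_key_data
    path = File.expand_path(MASTER_KEY)
    # File.exists? was removed in Ruby 3.2; File.exist? works on every version.
    raise "#{path} not found." unless File.exist?(path)
    # File.read closes the handle; open(path).read left it to the GC.
    File.read(path)
end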

.read ⇒ Object



# File 'lib/auth_keys.rb', line 85

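# Returns the raw contents of the key file at KEY_PATH, encrypted or not.
#
# The file is read in text mode, so the string carries the default external
# encoding; is_encrypted? relies on that when it probes the content.
#
# @return [String] file contents
# @raise [RuntimeError] when the file does not exist
def read()
    path = File.expand_path(KEY_PATH)
    # File.exists? was removed in Ruby 3.2; File.exist? works on every version.
    raise "#{path} not found." unless File.exist?(path)
    # File.read closes the handle; open(path).read left it to the GC.
    File.read(path)
end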

.rsautil ⇒ Object



# File 'lib/auth_keys.rb', line 40

# Builds an RSA key object from the contents of the master key file.
#
# No passphrase is supplied to the constructor.
# NOTE(review): for a passphrase-protected key file OpenSSL will presumably
# ask for the passphrase interactively — confirm before using this in an
# unattended context.
#
# @return [OpenSSL::PKey::RSA]
def rsautil
    pem = master_key_data
    OpenSSL::PKey::RSA.new(pem)
end

.save(content) ⇒ Object



# File 'lib/auth_keys.rb', line 68

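# Overwrites the existing key file at KEY_PATH with +content+.
#
# The file must already exist; this method never creates it. The file is
# truncated and rewritten in place, so an interrupted write can leave it
# partial. Its permissions are left as they are: keeping the file readable
# by its owner only is up to whoever created it.
#
# @param content [String] new file contents (plaintext or ciphertext)
# @return [Integer] number of bytes written
# @raise [RuntimeError] when the file does not exist
def save(content)
    path = File.expand_path(KEY_PATH)
    # File.exists? was removed in Ruby 3.2; File.exist? works on every version.
    raise "#{path} not found." unless File.exist?(path)
    File.open(path, "w") { |file| file.write(content) }
end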