Module: Keystorage

Included in:

CLI, Manager

Defined in:

lib/keystorage.rb,
lib/keystorage/cli.rb,
lib/keystorage/manager.rb

Defined Under Namespace

Classes: CLI, FormatNotSupport, Manager, NoRootGroup, NoSecret, RejectGroupName, SecretMissMatch

Constant Summary

DEFAULT_SECRET =

"3Qw9EtWE"

DEFAULT_FILE =

File.join(ENV["HOME"],".keystorage")

Instance Method Summary

• #decode(str, secret = secret) ⇒ Object
• #encode(str, secret = secret) ⇒ Object
• #file ⇒ Object
• #path ⇒ Object
• #render(out, format = :text) ⇒ Object
• #render_text(out) ⇒ Object
• #root ⇒ Object
• #root!(secret = secret, data = file) ⇒ Object
• #secret ⇒ Object
• #sign(message, secret = secret) ⇒ Object
• #token ⇒ Object
• #valid? ⇒ Boolean

  file validation.

• #write(data) ⇒ Object

Instance Method Details

#decode(str, secret = secret) ⇒ Object

# File 'lib/keystorage.rb', line 52

def decode(str,secret=secret)
  dec = OpenSSL::Cipher::Cipher.new('aes256')
  dec.decrypt.pkcs5_keyivgen(secret)
  (dec.update(Array.new([str]).pack("H*")) + dec.final)
end

#encode(str, secret = secret) ⇒ Object

# File 'lib/keystorage.rb', line 46

def encode(str,secret=secret)
  enc = OpenSSL::Cipher::Cipher.new('aes256')
  enc.encrypt.pkcs5_keyivgen(secret)
  ((enc.update(str) + enc.final).unpack("H*")).first.to_s
end

#file ⇒ Object

# File 'lib/keystorage.rb', line 62

def file
  YAML.load(File.new(path)) || {}
end

#path ⇒ Object

# File 'lib/keystorage.rb', line 58

def path
  options[:file] || ENV['KEYSTORAGE_FILE'] || DEFAULT_FILE
end

#render(out, format = :text) ⇒ Object

# File 'lib/keystorage.rb', line 74

def render out,format =:text
  case format
  when :text then
    render_text out
  else
    raise FormatNotSupport.new(format.to_s)
  end
end

#render_text(out) ⇒ Object

# File 'lib/keystorage.rb', line 83

def render_text out
  if out.kind_of?(Array)
    out.join("\n")
  else
    out.to_s
  end
end

#root ⇒ Object

Raises:

• (NoRootGroup)

# File 'lib/keystorage.rb', line 27

def root
  raise NoRootGroup unless file.has_key?("@")
  file["@"] || {}
end

#root!(secret = secret, data = file) ⇒ Object

# File 'lib/keystorage.rb', line 32

def root! secret=secret,data=file
  data["@"] = {}
  data["@"]["token"] = token
  data["@"]["sig"] = sign(data["@"]["token"],secret)
  data
end

#secret ⇒ Object

# File 'lib/keystorage.rb', line 70

def secret
  options[:secret] || ENV['KEYSTORAGE_SECRET'] || DEFAULT_SECRET
end

#sign(message, secret = secret) ⇒ Object

Raises:

• (NoSecret)

# File 'lib/keystorage.rb', line 18

def sign message,secret=secret
  raise NoSecret.new("set env KEYSTORAGE_SECRET") unless secret
  OpenSSL::HMAC.hexdigest('sha512',secret, message)
end

#token ⇒ Object

# File 'lib/keystorage.rb', line 23

def token
  SecureRandom.urlsafe_base64(nil, false)
end

#valid? ⇒ Boolean

file validation

Returns:

• (Boolean)

# File 'lib/keystorage.rb', line 40

def valid?
  sign(root["token"]) == root["sig"]
rescue NoRootGroup
  write root!
end

#write(data) ⇒ Object

# File 'lib/keystorage.rb', line 66

def write data
  File.open(path,'w',0600) { |f| YAML.dump(data,f) }
end