Class: Pantry::Communication::Security::CurveKeyStore

Inherits:
Object
Defined in:
lib/pantry/communication/security/curve_key_store.rb

Overview

CurveKeyStore manages the storage, reading, and writing of all Curve-related key-pairs.

Clients keep track of the public key of the server they talk to. Servers keep track of the list of public keys of Clients who are allowed to connect.

All keys are stored under Pantry.root/security/curve.

Constructor Details

#initialize(my_key_pair_name) ⇒ CurveKeyStore

Returns a new instance of CurveKeyStore.



# File 'lib/pantry/communication/security/curve_key_store.rb', line 17

def initialize(my_key_pair_name)
  @base_key_dir  = Pantry.root.join("security", "curve")
  @my_keys_file  = @base_key_dir.join("#{my_key_pair_name}.yml")
  @known_clients = []

  ensure_directory_structure
  check_or_generate_my_keys
end

Instance Attribute Details

#private_key ⇒ Object (readonly)

Returns the value of attribute private_key.



# File 'lib/pantry/communication/security/curve_key_store.rb', line 15

def private_key
  @private_key
end

#public_key ⇒ Object (readonly)

Returns the value of attribute public_key.



# File 'lib/pantry/communication/security/curve_key_store.rb', line 15

def public_key
  @public_key
end

#server_public_key ⇒ Object (readonly)

Returns the value of attribute server_public_key.



# File 'lib/pantry/communication/security/curve_key_store.rb', line 15

def server_public_key
  @server_public_key
end

Instance Method Details

#create_client ⇒ Object

Generate and store a new Client pub/priv key pair. Only the Public key is stored locally for authentication purposes. Returns a hash of all relevant keys for the Client to connect and authenticate.



# File 'lib/pantry/communication/security/curve_key_store.rb', line 46

def create_client
  client_public, client_private = ZMQ::Util.curve_keypair
  store_known_client(client_public)

  {
    server_public_key: @public_key,
    public_key: client_public,
    private_key: client_private
  }
end

#known_client?(client_public_key) ⇒ Boolean

Check if the given client public key is known by this server or not. To facilitate the initial setup process of a new Pantry Server, this will allow and store the first client to connect to this server and will write out that client’s public key as valid.

Used solely by the Server.

Returns:

  • (Boolean)


# File 'lib/pantry/communication/security/curve_key_store.rb', line 32

def known_client?(client_public_key)
  encoded_key = z85_encode(client_public_key)
  if @known_clients.empty?
    store_known_client(encoded_key)
    true
  else
    @known_clients.include?(encoded_key)
  end
end
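
The first-connection rule described for known_client? above, as an added example that is not Pantry's own code: a stand-alone in-memory model of that decision next to a hardened variant that accepts a first key only when it matches one the operator pinned beforehand. TofuKeyStore, PinnedKeyStore, bootstrap_key, replay and the key strings are all assumptions made for illustration.

```ruby
# Stand-alone model of the known_client? decision documented above.
# In-memory only; the key strings are constructed placeholders, not Z85 keys.
class TofuKeyStore
  attr_reader :known_clients

  def initialize
    @known_clients = []
  end

  # An empty list means the first key presented is stored and accepted.
  def known_client?(encoded_key)
    if @known_clients.empty?
      @known_clients << encoded_key
      true
    else
      @known_clients.include?(encoded_key)
    end
  end
end

# Hypothetical hardened variant: while the list is empty, only a key the
# operator pinned out of band is accepted and stored.
class PinnedKeyStore < TofuKeyStore
  def initialize(bootstrap_key: nil)
    super()
    @bootstrap_key = bootstrap_key
  end

  def known_client?(encoded_key)
    return @known_clients.include?(encoded_key) unless @known_clients.empty?
    return false if @bootstrap_key.nil? || @bootstrap_key != encoded_key

    @known_clients << encoded_key
    true
  end
end

# Replays one connection order and returns [key, accepted?] per attempt.
def replay(store, keys)
  keys.map { |key| [key, store.known_client?(key)] }
end

OPERATOR_KEY   = "constructed-operator-client-key"
UNEXPECTED_KEY = "constructed-unexpected-client-key"
ORDER = [UNEXPECTED_KEY, OPERATOR_KEY].freeze

if __FILE__ == $PROGRAM_NAME
  p replay(TofuKeyStore.new, ORDER)
  p replay(PinnedKeyStore.new(bootstrap_key: OPERATOR_KEY), ORDER)
end
```

In the first replay the operator's own client is refused because a different key enrolled first, so a rejected connection from a freshly provisioned client on a new server is worth alerting on.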