Class: CredStash::Secret

Inherits:

Object

• Object
• CredStash::Secret

Defined in:

lib/cred_stash/secret.rb

Instance Attribute Summary

• #encrypted_value ⇒ Object readonly

  Returns the value of attribute encrypted_value.

• #hmac ⇒ Object readonly

  Returns the value of attribute hmac.

• #key ⇒ Object readonly

  Returns the value of attribute key.

• #name ⇒ Object readonly

  Returns the value of attribute name.

• #value ⇒ Object readonly

  Returns the value of attribute value.

Class Method Summary

• .find(name, context: {}) ⇒ Object
• .repository ⇒ Object

Instance Method Summary

• #decrypted_value ⇒ Object
• #encrypt!(kms_key_id: nil) ⇒ Object
• #falsified? ⇒ Boolean
• #initialize(name:, value: nil, key: nil, encrypted_value: nil, hmac: nil, context: {}) ⇒ Secret constructor

  A new instance of Secret.

• #save ⇒ Object

Constructor Details

#initialize(name:, value: nil, key: nil, encrypted_value: nil, hmac: nil, context: {}) ⇒ Secret

Returns a new instance of Secret.

# File 'lib/cred_stash/secret.rb', line 4

def initialize(name:, value: nil, key: nil, encrypted_value: nil, hmac: nil, context: {})
  @name = name
  @value = value
  @key = key
  @encrypted_value = encrypted_value
  @hmac = hmac
  @context = context
end

Instance Attribute Details

#encrypted_value ⇒ Object (readonly)

Returns the value of attribute encrypted_value.

# File 'lib/cred_stash/secret.rb', line 2

def encrypted_value
  @encrypted_value
end

#hmac ⇒ Object (readonly)

Returns the value of attribute hmac.

# File 'lib/cred_stash/secret.rb', line 2

def hmac
  @hmac
end

#key ⇒ Object (readonly)

Returns the value of attribute key.

# File 'lib/cred_stash/secret.rb', line 2

def key
  @key
end

#name ⇒ Object (readonly)

Returns the value of attribute name.

# File 'lib/cred_stash/secret.rb', line 2

def name
  @name
end

#value ⇒ Object (readonly)

Returns the value of attribute value.

# File 'lib/cred_stash/secret.rb', line 2

def value
  @value
end

Class Method Details

.find(name, context: {}) ⇒ Object

# File 'lib/cred_stash/secret.rb', line 32

def find(name, context: {})
  item = repository.get(name)
  new(
    name: name,
    key: CredStash::CipherKey.decrypt(Base64.decode64(item.key), context: context),
    encrypted_value: Base64.decode64(item.contents),
    hmac: item.hmac
  )
end

.repository ⇒ Object

# File 'lib/cred_stash/secret.rb', line 42

def repository
  CredStash::Repository.instance
end

Instance Method Details

#decrypted_value ⇒ Object

# File 'lib/cred_stash/secret.rb', line 27

def decrypted_value
  @key.decrypt(@encrypted_value)
end

#encrypt!(kms_key_id: nil) ⇒ Object

# File 'lib/cred_stash/secret.rb', line 13

def encrypt!(kms_key_id: nil)
  @key = CredStash::CipherKey.generate(kms_key_id: kms_key_id, context: @context)
  @encrypted_value = @key.encrypt(@value)
  @hmac = @key.hmac(@encrypted_value)
end

#falsified? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/cred_stash/secret.rb', line 23

def falsified?
  @key.hmac(@encrypted_value) == @hmac
end

#save ⇒ Object

# File 'lib/cred_stash/secret.rb', line 19

def save
  self.class.repository.put(to_item)
end