Class: MasterKey

Inherits:

Object

• Object
• MasterKey

Defined in:

lib/team-secrets/master_key.rb

Constant Summary

CONFIG =

{
  cipher: 'aes-256-cbc',
  key_len: 32,
  iv_len: 16
}

Instance Attribute Summary

• #decrypted ⇒ Object readonly

  Returns the value of attribute decrypted.

• #encrypted ⇒ Object readonly

  Returns the value of attribute encrypted.

Class Method Summary

• .bin_to_hex(s) ⇒ Object
• .generate ⇒ Object
• .hex_to_bin(b) ⇒ Object

Instance Method Summary

• #decryptSecret(secret) ⇒ Object
• #decryptWithPrivateKey(private_key, pass_phrase = nil) ⇒ Object
• #encryptSecret(secret) ⇒ Object
• #encryptWithPublicKey(public_key) ⇒ Object
• #initialize(key, encrypted = true) ⇒ MasterKey constructor

  A new instance of MasterKey.

• #sign(string) ⇒ Object

Constructor Details

#initialize(key, encrypted = true) ⇒ MasterKey

Returns a new instance of MasterKey.

# File 'lib/team-secrets/master_key.rb', line 13

def initialize(key, encrypted = true)
    @defaultCipher = 'AES-256-CBC'

    if (encrypted)
        @encrypted = key
    else
        @decrypted = key
    end
end

Instance Attribute Details

#decrypted ⇒ Object (readonly)

Returns the value of attribute decrypted.

# File 'lib/team-secrets/master_key.rb', line 5

def decrypted
  @decrypted
end

#encrypted ⇒ Object (readonly)

Returns the value of attribute encrypted.

# File 'lib/team-secrets/master_key.rb', line 5

def encrypted
  @encrypted
end

Class Method Details

.bin_to_hex(s) ⇒ Object

# File 'lib/team-secrets/master_key.rb', line 65

def self.bin_to_hex(s)
    s.each_byte.map { |b| b.to_s(16).rjust(2,'0') }.join
end

.generate ⇒ Object

# File 'lib/team-secrets/master_key.rb', line 23

def self.generate
    cipher = OpenSSL::Cipher.new(CONFIG[:cipher])
    cipher.encrypt
    self.new(cipher.random_key, false)
end

.hex_to_bin(b) ⇒ Object

# File 'lib/team-secrets/master_key.rb', line 69

def self.hex_to_bin(b)
    [b].pack('H*')
end

Instance Method Details

#decryptSecret(secret) ⇒ Object

# File 'lib/team-secrets/master_key.rb', line 49

def decryptSecret(secret)
    decipher = OpenSSL::Cipher.new(CONFIG[:cipher])
    decipher.decrypt
    decipher.key = @decrypted
    iv_len = CONFIG[:iv_len]
    iv = secret[0..(iv_len-1)]
    secret = secret[iv_len..-1]
    decipher.iv = iv
    decipher.update(secret) + decipher.final
end

#decryptWithPrivateKey(private_key, pass_phrase = nil) ⇒ Object

# File 'lib/team-secrets/master_key.rb', line 35

def decryptWithPrivateKey(private_key, pass_phrase = nil)
    key = OpenSSL::PKey::RSA.new private_key, pass_phrase
    raise 'Not a private key' unless key.private?
    @decrypted = key.private_decrypt @encrypted
end

#encryptSecret(secret) ⇒ Object

# File 'lib/team-secrets/master_key.rb', line 41

def encryptSecret(secret)
    cipher = OpenSSL::Cipher.new(CONFIG[:cipher])
    cipher.encrypt
    cipher.key = @decrypted
    iv = cipher.random_iv
    iv + cipher.update(secret) + cipher.final
end

#encryptWithPublicKey(public_key) ⇒ Object

# File 'lib/team-secrets/master_key.rb', line 29

def encryptWithPublicKey(public_key)
    key = OpenSSL::PKey::RSA.new public_key
    raise 'Not a public key' unless key.public?
    @encrypted = key.public_encrypt @decrypted
end

#sign(string) ⇒ Object

# File 'lib/team-secrets/master_key.rb', line 60

def sign(string)
    raise 'Must first decrypt master key with private key' unless (@decrypted.is_a? String) || @decrypted.length
    self.class.bin_to_hex OpenSSL::HMAC.digest('sha256', @decrypted, string)
end