Class: Trustworthy::Settings
- Inherits:
-
Object
- Object
- Trustworthy::Settings
- Defined in:
- lib/trustworthy/settings.rb
Class Method Summary collapse
Instance Method Summary collapse
- #_cipher_from_password(salt, password) ⇒ Object
- #_decrypt(ciphertext, salt, password) ⇒ Object
- #_encrypt(plaintext, salt, password) ⇒ Object
- #add_key(key, username, password) ⇒ Object
- #empty? ⇒ Boolean
- #find_key(username) ⇒ Object
-
#initialize(store) ⇒ Settings
constructor
A new instance of Settings.
- #key?(username) ⇒ Boolean
- #recoverable? ⇒ Boolean
- #unlock_key(username, password) ⇒ Object
Constructor Details
#initialize(store) ⇒ Settings
Returns a new instance of Settings.
12 13 14 |
# File 'lib/trustworthy/settings.rb', line 12 def initialize(store) @store = store end |
Class Method Details
.open(filename) ⇒ Object
3 4 5 6 7 8 9 10 |
# File 'lib/trustworthy/settings.rb', line 3 def self.open(filename) store = YAML::Store.new(filename) store.ultra_safe = true if store.respond_to?(:ultra_safe=) store.transaction do yield Trustworthy::Settings.new(store) end end |
Instance Method Details
#_cipher_from_password(salt, password) ⇒ Object
46 47 48 49 50 |
# File 'lib/trustworthy/settings.rb', line 46 def _cipher_from_password(salt, password) cost, salt = salt.rpartition('$') key = SCrypt::Engine.scrypt(password, salt, cost, Trustworthy::Cipher.key_len) Trustworthy::Cipher.new(key) end |
#_decrypt(ciphertext, salt, password) ⇒ Object
52 53 54 55 56 57 58 |
# File 'lib/trustworthy/settings.rb', line 52 def _decrypt(ciphertext, salt, password) cipher = _cipher_from_password(salt, password) nonce, ciphertext = ciphertext.split('--').map do |field| Base64.decode64(field) end cipher.decrypt(nonce, '', ciphertext) end |
#_encrypt(plaintext, salt, password) ⇒ Object
60 61 62 63 64 65 66 67 |
# File 'lib/trustworthy/settings.rb', line 60 def _encrypt(plaintext, salt, password) cipher = _cipher_from_password(salt, password) nonce = Trustworthy::Cipher.generate_nonce ciphertext = cipher.encrypt(nonce, '', plaintext) [nonce, ciphertext].map do |field| Base64.strict_encode64(field) end.join('--') end |
#add_key(key, username, password) ⇒ Object
16 17 18 19 20 |
# File 'lib/trustworthy/settings.rb', line 16 def add_key(key, username, password) salt = SCrypt::Engine.generate_salt(Trustworthy::SCryptParams) encrypted_point = _encrypt(key.to_s, salt, password) @store[username] = {'salt' => salt, 'encrypted_point' => encrypted_point, 'timestamp' => DateTime.now.iso8601} end |
#empty? ⇒ Boolean
22 23 24 |
# File 'lib/trustworthy/settings.rb', line 22 def empty? @store.roots.empty? end |
#find_key(username) ⇒ Object
26 27 28 |
# File 'lib/trustworthy/settings.rb', line 26 def find_key(username) @store[username] end |
#key?(username) ⇒ Boolean
30 31 32 |
# File 'lib/trustworthy/settings.rb', line 30 def key?(username) @store.root?(username) end |
#recoverable? ⇒ Boolean
34 35 36 |
# File 'lib/trustworthy/settings.rb', line 34 def recoverable? @store.roots.count >= 2 end |
#unlock_key(username, password) ⇒ Object
38 39 40 41 42 43 44 |
# File 'lib/trustworthy/settings.rb', line 38 def unlock_key(username, password) key = find_key(username) salt = key['salt'] ciphertext = key['encrypted_point'] plaintext = _decrypt(ciphertext, salt, password) Trustworthy::Key.create_from_string(plaintext) end |