class Muchkeys::Secret
Constants
- CIPHER_SUITE
Attributes
app_client[RW]
Public Class Methods
new(app_client)
click to toggle source
# File lib/muchkeys/secret.rb, line 12 def initialize(app_client) @app_client = app_client end
Public Instance Methods
auto_certificates_exist_for_key?(key)
click to toggle source
# File lib/muchkeys/secret.rb, line 41 def auto_certificates_exist_for_key?(key) file_exists?(certfile_name(key)) end
certfile_name(key_name)
click to toggle source
turn a key_name into a SSL cert file name by convention
# File lib/muchkeys/secret.rb, line 28 def certfile_name(key_name) key_parts = key_name.match /(.*)\/#{secrets_path_hint}(.*)/ # FIXME this already checked in the secretes validator, we don't need to # check it again raise Muchkeys::InvalidKey, "#{key_name} doesn't look like a secret" if key_parts.nil? key_base = key_parts[1].gsub(/^git\//, "") config.public_key || "#{ENV['HOME']}/.keys/#{key_base}.pem" end
decrypt_string(val, public_key = nil, private_key = nil)
click to toggle source
# File lib/muchkeys/secret.rb, line 45 def decrypt_string(val, public_key = nil, private_key = nil) cert = OpenSSL::X509::Certificate.new(read_ssl_key(public_key)) key = OpenSSL::PKey::RSA.new(read_ssl_key(private_key)) OpenSSL::PKCS7.new(val).decrypt(key, cert) end
encrypt_string(val, public_key)
click to toggle source
# File lib/muchkeys/secret.rb, line 21 def encrypt_string(val, public_key) cipher = OpenSSL::Cipher.new CIPHER_SUITE cert = OpenSSL::X509::Certificate.new File.read(public_key) OpenSSL::PKCS7::encrypt([cert], val, cipher, OpenSSL::PKCS7::BINARY) end
is_secret?(key_name)
click to toggle source
# File lib/muchkeys/secret.rb, line 37 def is_secret?(key_name) key_name.match(/\/#{secrets_path_hint}/) != nil end
secrets_path_hint()
click to toggle source
the path that clues Muchkeys
that this path contains secrets
# File lib/muchkeys/secret.rb, line 17 def secrets_path_hint config.secrets_hint || "secrets" end
Private Instance Methods
file_exists?(path)
click to toggle source
Why would we even do this? For stubbing.
# File lib/muchkeys/secret.rb, line 58 def file_exists?(path) File.exist?(path) end
key_validator()
click to toggle source
# File lib/muchkeys/secret.rb, line 62 def key_validator Muchkeys::KeyValidator end
read_ssl_key(file_name)
click to toggle source
# File lib/muchkeys/secret.rb, line 53 def read_ssl_key(file_name) File.read(file_name) end
secret_adapter()
click to toggle source
# File lib/muchkeys/secret.rb, line 66 def secret_adapter Muchkeys::Secret end