class Muchkeys::Secret

Constants

CIPHER_SUITE

Attributes

app_client[RW]

Public Class Methods

new(app_client) click to toggle source
# File lib/muchkeys/secret.rb, line 12
def initialize(app_client)
  @app_client = app_client
end

Public Instance Methods

auto_certificates_exist_for_key?(key) click to toggle source
# File lib/muchkeys/secret.rb, line 41
def auto_certificates_exist_for_key?(key)
  file_exists?(certfile_name(key))
end
certfile_name(key_name) click to toggle source

turn a key_name into a SSL cert file name by convention

# File lib/muchkeys/secret.rb, line 28
def certfile_name(key_name)
  key_parts = key_name.match /(.*)\/#{secrets_path_hint}(.*)/
  # FIXME this already checked in the secretes validator, we don't need to
  # check it again
  raise Muchkeys::InvalidKey, "#{key_name} doesn't look like a secret" if key_parts.nil?
  key_base = key_parts[1].gsub(/^git\//, "")
  config.public_key || "#{ENV['HOME']}/.keys/#{key_base}.pem"
end
decrypt_string(val, public_key = nil, private_key = nil) click to toggle source
# File lib/muchkeys/secret.rb, line 45
def decrypt_string(val, public_key = nil, private_key = nil)
  cert = OpenSSL::X509::Certificate.new(read_ssl_key(public_key))
  key  = OpenSSL::PKey::RSA.new(read_ssl_key(private_key))
  OpenSSL::PKCS7.new(val).decrypt(key, cert)
end
encrypt_string(val, public_key) click to toggle source
# File lib/muchkeys/secret.rb, line 21
 def encrypt_string(val, public_key)
  cipher = OpenSSL::Cipher.new CIPHER_SUITE
  cert   = OpenSSL::X509::Certificate.new File.read(public_key)
  OpenSSL::PKCS7::encrypt([cert], val, cipher, OpenSSL::PKCS7::BINARY)
end
is_secret?(key_name) click to toggle source
# File lib/muchkeys/secret.rb, line 37
def is_secret?(key_name)
  key_name.match(/\/#{secrets_path_hint}/) != nil
end
secrets_path_hint() click to toggle source

the path that clues Muchkeys that this path contains secrets

# File lib/muchkeys/secret.rb, line 17
def secrets_path_hint
  config.secrets_hint || "secrets"
end

Private Instance Methods

file_exists?(path) click to toggle source

Why would we even do this? For stubbing.

# File lib/muchkeys/secret.rb, line 58
def file_exists?(path)
  File.exist?(path)
end
key_validator() click to toggle source
# File lib/muchkeys/secret.rb, line 62
def key_validator
  Muchkeys::KeyValidator
end
read_ssl_key(file_name) click to toggle source
# File lib/muchkeys/secret.rb, line 53
def read_ssl_key(file_name)
  File.read(file_name)
end
secret_adapter() click to toggle source
# File lib/muchkeys/secret.rb, line 66
def secret_adapter
  Muchkeys::Secret
end