confidential_info_manager 0.1.0 → 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +3 -0
- data/.travis.yml +12 -1
- data/Gemfile +4 -0
- data/README.md +23 -3
- data/confidential_info_manager.gemspec +0 -2
- data/lib/confidential_info_manager.rb +3 -0
- data/lib/confidential_info_manager/core.rb +54 -5
- data/lib/confidential_info_manager/version.rb +1 -1
- data/lib/confidential_info_manager/yaml.rb +26 -0
- metadata +3 -30
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 6d1b530c264f77561de2998da5efe01820d087ca
|
4
|
+
data.tar.gz: f82d77b1986ea565ff47d091db6f90004cd1f7bb
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: b65ea88fe6d3e9bde78a25ef1725b6f0eafe56cd41bd8fc274cbb131e3bc1acc340660a80fde532641df7424577a8804ee02ac2018caac2460e192c0dd355278
|
7
|
+
data.tar.gz: d3f5a13bfece63e188ce4b493bf3c2bb69dcac005c35119b86fcb5b99b431bf70bcb1206b85ce2d8d00c3bd240cc78360952face052d679b30d617cb7e39fad9
|
data/.gitignore
CHANGED
data/.travis.yml
CHANGED
@@ -1,4 +1,15 @@
|
|
1
1
|
language: ruby
|
2
2
|
rvm:
|
3
|
-
|
3
|
+
- 1.9.3
|
4
|
+
- 2.0.0
|
5
|
+
- 2.1.5
|
6
|
+
- 2.2.2
|
7
|
+
- 2.2.3
|
8
|
+
notifications:
|
9
|
+
slack:
|
10
|
+
secure: NbFo5KxFajRvNkbUU+PyA+pj3BiUDBJo5JXbn0PzEkzSXZ5XO/EbWP/VE9I3V7XlTNyAtkUmy6bHM40qOKqjH/pybmtTGR0hD7DbE2qEVKU4o0+6eFM0Qu6d+ws/gnJFsoAorVQmCazzsCchCINVGGExVJ17sXrEIRNFVN/G2SX7HkirChE6kgkNX1+BhMV0eWhI1nAFpJE7x2wSVRo7VutgQ0ArOktR6PP1OlI3xWNq7WXRFYdlho4zZir/9dETwwioib0OanmMYyZpymnPmNp2gTjhtUaCGtZJzfcTYZ4Wqj19l/O/pAVsdnYeydJC9J9n2RDxxffbcfcJ66hVOLhVGehtQsAkV9LESlwm2PtUmo+iC9SnSarFV9725ilkfFYv07Ob0lz1byKprRjrvftB3jce6EMVKBMEkz7g83tEGtzEu8590mL2lhLhjfGn+3JA4Kty8O39qA1ptCdMEq/mVPiNaQjXIbJO5PNy36UutusT3KdScF6VfHnn1tURdRYttBF6dY9qIzCui0veQaxCAJbQxIC49Q80Dg9ZHtvi/mHJoVXC8oxEUpr8sjpJvbklfqexDpeuXTVq3yCOGF1Wb5VA2DQSS+aDVU3AxvnlUgurQZ7XVovHbq+d0C20V5ihPfjHJWL4T26LYM2hdaxBB2t6YJ+Nt8WRSugFKdU=
|
4
11
|
before_install: gem install bundler -v 1.10.4
|
12
|
+
script: bundle exec rspec
|
13
|
+
branches:
|
14
|
+
only:
|
15
|
+
- master
|
data/Gemfile
CHANGED
data/README.md
CHANGED
@@ -1,9 +1,9 @@
|
|
1
1
|
# ConfidentialInfoManager
|
2
|
+
[![Build Status](https://travis-ci.org/tatsu07/confidential_info_manager.svg?branch=master)](https://travis-ci.org/tatsu07/confidential_info_manager)
|
3
|
+
[![Coverage Status](https://coveralls.io/repos/tatsu07/confidential_info_manager/badge.svg?branch=master&service=github)](https://coveralls.io/github/tatsu07/confidential_info_manager?branch=master)
|
2
4
|
|
3
5
|
Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/confidential_info_manager`. To experiment with that code, run `bin/console` for an interactive prompt.
|
4
6
|
|
5
|
-
TODO: Delete this and the text above, and describe your gem
|
6
|
-
|
7
7
|
## Installation
|
8
8
|
|
9
9
|
Add this line to your application's Gemfile:
|
@@ -22,20 +22,40 @@ Or install it yourself as:
|
|
22
22
|
|
23
23
|
## Usage
|
24
24
|
|
25
|
+
Please the password and the salt used in the encrypter and decrypter passing the same thing at the time of instance generation
|
26
|
+
|
25
27
|
### Use as an object
|
26
28
|
|
27
29
|
```ruby
|
28
30
|
require "confidential_info_manager"
|
29
31
|
|
30
32
|
raw_data = "string"
|
33
|
+
# salt is no problem even if arbitrarily created
|
34
|
+
salt = ConfidentialInfoManager::Core.generate_salt
|
31
35
|
|
32
|
-
manager = ConfidentialInfoManager::Core.new("password")
|
36
|
+
manager = ConfidentialInfoManager::Core.new("password", salt)
|
33
37
|
# encrypt
|
34
38
|
encrypt_data = manager.encrypt(raw_data)
|
35
39
|
# decrypt
|
36
40
|
decrypt_data = manager.decrypt(encrypt_data, String)
|
37
41
|
```
|
38
42
|
|
43
|
+
### Save to YAML, load to YAML
|
44
|
+
|
45
|
+
```ruby
|
46
|
+
require "confidential_info_manager"
|
47
|
+
|
48
|
+
password = "password"
|
49
|
+
salt = ConfidentialInfoManager::Core.generate_salt
|
50
|
+
file_path = "/tmp"
|
51
|
+
secret_data = { API_KEY: "abcedefg", API_SECRET_KEY: "abcedfg" }
|
52
|
+
|
53
|
+
confidential_info_manager = ConfidentialInfoManager::YAML.new(pass, salt)
|
54
|
+
confidential_info_manager.save(secret_data, file_path)
|
55
|
+
yaml_data = confidential_info_manager.load(file_path)
|
56
|
+
|
57
|
+
```
|
58
|
+
|
39
59
|
## Development
|
40
60
|
|
41
61
|
After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake rspec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
|
@@ -13,12 +13,21 @@ module ConfidentialInfoManager
|
|
13
13
|
##
|
14
14
|
# constructor
|
15
15
|
# @param [String] password
|
16
|
+
# @param [String] salt
|
16
17
|
# @param [String] mode
|
17
|
-
# @see OpenSSL
|
18
|
-
def initialize(password, mode="AES-256-CBC")
|
18
|
+
# @see http://docs.ruby-lang.org/en/2.2.0/OpenSSL/Cipher.html
|
19
|
+
def initialize(password, salt, mode="AES-256-CBC")
|
19
20
|
generate_encrypter(mode)
|
20
21
|
generate_decrypter(mode)
|
21
|
-
set_key_and_iv(password)
|
22
|
+
set_key_and_iv(password, salt)
|
23
|
+
end
|
24
|
+
|
25
|
+
##
|
26
|
+
# generate salt
|
27
|
+
# @param [Integer] length
|
28
|
+
# @return [String] salt
|
29
|
+
def self.generate_salt(length = RANDOM_BYTES)
|
30
|
+
OpenSSL::Random.random_bytes(length)
|
22
31
|
end
|
23
32
|
|
24
33
|
##
|
@@ -34,9 +43,12 @@ module ConfidentialInfoManager
|
|
34
43
|
secret_data = Marshal.dump(secret_data)
|
35
44
|
end
|
36
45
|
|
46
|
+
@@encrypter.reset
|
47
|
+
|
37
48
|
encrypted_data = ""
|
38
49
|
encrypted_data << @@encrypter.update(secret_data)
|
39
50
|
encrypted_data << @@encrypter.final
|
51
|
+
Base64.strict_encode64(encrypted_data)
|
40
52
|
end
|
41
53
|
|
42
54
|
##
|
@@ -46,6 +58,9 @@ module ConfidentialInfoManager
|
|
46
58
|
# @note String/Fixnum/Bignum/Float/Array/Hash
|
47
59
|
# @return [Object] decrypted data
|
48
60
|
def decrypt(encrypted_data, type=String)
|
61
|
+
@@decrypter.reset
|
62
|
+
|
63
|
+
encrypted_data = Base64.strict_decode64(encrypted_data)
|
49
64
|
decrypted_data = ""
|
50
65
|
decrypted_data << @@decrypter.update(encrypted_data)
|
51
66
|
decrypted_data << @@decrypter.final
|
@@ -60,13 +75,47 @@ module ConfidentialInfoManager
|
|
60
75
|
decrypted_data
|
61
76
|
end
|
62
77
|
|
78
|
+
##
|
79
|
+
# encrypt only value
|
80
|
+
# @param [Object] secret_data
|
81
|
+
# @note Object is allowed an Hash or Array
|
82
|
+
# @return [Object] encrypted data
|
83
|
+
# @note Array/Hash
|
84
|
+
def encrypt_only_value(secret_data)
|
85
|
+
case secret_data
|
86
|
+
when Hash
|
87
|
+
Hash[secret_data.map { |key, val| [key, encrypt(val)] }]
|
88
|
+
when Array
|
89
|
+
secret_data.map { |val| encrypt(val) }
|
90
|
+
else
|
91
|
+
encrypt(secret_data)
|
92
|
+
end
|
93
|
+
end
|
94
|
+
|
95
|
+
##
|
96
|
+
# decrypt only value
|
97
|
+
# @param [Object] encrypted_data
|
98
|
+
# @note Object is allowed an Hash or Array
|
99
|
+
# @return [Object] decrypted data
|
100
|
+
# @note Array/Hash
|
101
|
+
def decrypt_only_value(encrypted_data)
|
102
|
+
case encrypted_data
|
103
|
+
when Hash
|
104
|
+
Hash[encrypted_data.map { |key, val| [key, decrypt(val)] }]
|
105
|
+
when Array
|
106
|
+
encrypted_data.map { |val| decrypt(val) }
|
107
|
+
else
|
108
|
+
decrypt(encrypted_data)
|
109
|
+
end
|
110
|
+
end
|
111
|
+
|
63
112
|
private
|
64
113
|
|
65
114
|
##
|
66
115
|
# setting key and iv
|
67
116
|
# @param [String] password
|
68
|
-
|
69
|
-
|
117
|
+
# @param [String] salt
|
118
|
+
def set_key_and_iv(password, salt)
|
70
119
|
# Generated from the password and salt the key and IV in accordance with PKCS#5
|
71
120
|
key_iv = OpenSSL::PKCS5.pbkdf2_hmac_sha1(
|
72
121
|
password, salt, ITERATOR_COUNT,
|
@@ -0,0 +1,26 @@
|
|
1
|
+
# coding: utf-8
|
2
|
+
|
3
|
+
module ConfidentialInfoManager
|
4
|
+
|
5
|
+
class YAML < Core
|
6
|
+
|
7
|
+
##
|
8
|
+
# YAML file save
|
9
|
+
# @param [Object] secret_data
|
10
|
+
# @note Object is a String or Array or Hash
|
11
|
+
# @param [String] file_path
|
12
|
+
def save(secret_data, file_path)
|
13
|
+
File.open(file_path, "w") { |file| ::YAML.dump(encrypt_only_value(secret_data), file) }
|
14
|
+
end
|
15
|
+
|
16
|
+
##
|
17
|
+
# YAML file load
|
18
|
+
# @param [String] file_path
|
19
|
+
# @return [Hash]
|
20
|
+
def load(file_path)
|
21
|
+
decrypt_only_value(::YAML.load(File.read(file_path)))
|
22
|
+
end
|
23
|
+
|
24
|
+
end
|
25
|
+
|
26
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: confidential_info_manager
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.2.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- tatsu07
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2015-12-
|
11
|
+
date: 2015-12-27 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -66,34 +66,6 @@ dependencies:
|
|
66
66
|
- - ">="
|
67
67
|
- !ruby/object:Gem::Version
|
68
68
|
version: '0'
|
69
|
-
- !ruby/object:Gem::Dependency
|
70
|
-
name: yaml
|
71
|
-
requirement: !ruby/object:Gem::Requirement
|
72
|
-
requirements:
|
73
|
-
- - ">="
|
74
|
-
- !ruby/object:Gem::Version
|
75
|
-
version: '0'
|
76
|
-
type: :development
|
77
|
-
prerelease: false
|
78
|
-
version_requirements: !ruby/object:Gem::Requirement
|
79
|
-
requirements:
|
80
|
-
- - ">="
|
81
|
-
- !ruby/object:Gem::Version
|
82
|
-
version: '0'
|
83
|
-
- !ruby/object:Gem::Dependency
|
84
|
-
name: json
|
85
|
-
requirement: !ruby/object:Gem::Requirement
|
86
|
-
requirements:
|
87
|
-
- - ">="
|
88
|
-
- !ruby/object:Gem::Version
|
89
|
-
version: '0'
|
90
|
-
type: :development
|
91
|
-
prerelease: false
|
92
|
-
version_requirements: !ruby/object:Gem::Requirement
|
93
|
-
requirements:
|
94
|
-
- - ">="
|
95
|
-
- !ruby/object:Gem::Version
|
96
|
-
version: '0'
|
97
69
|
description: It provides the encryption and decryption of data . Also , save the encrypted
|
98
70
|
data in JSON or YAML, you can you read .
|
99
71
|
email:
|
@@ -116,6 +88,7 @@ files:
|
|
116
88
|
- lib/confidential_info_manager.rb
|
117
89
|
- lib/confidential_info_manager/core.rb
|
118
90
|
- lib/confidential_info_manager/version.rb
|
91
|
+
- lib/confidential_info_manager/yaml.rb
|
119
92
|
homepage: https://github.com/tatsu07/confidential_info_manager
|
120
93
|
licenses:
|
121
94
|
- MIT
|