cryptic 1.0.0.beta.8 → 1.0.0.beta.9
- checksums.yaml +4 -4
- data/bin/cryptic +1 -1
- data/cryptic_private.pem +26 -26
- data/cryptic_public.pem +7 -7
- data/lib/cryptic/keypair.rb +51 -34
- data/lib/cryptic/version.rb +1 -1
- metadata +1 -1
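--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: e35bfdebfe81ab3a5f56618ad5a231e1f1db4e7d
+data.tar.gz: 980067e2811eef4752ff7964ded44bbe546a59f4
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: a58727274617570b059f332d843236dd5c37aeb4397c2d48979e40357a07468b9beede0a5e6f8c47c1adb9e082a4f76f10c647d425fdc66983edc8b45b0b09c1
+data.tar.gz: e99ecbd7df5eb8461512e93bfbed18434257284f0a457b0695678ade19b20533f6baf90dbb34ef43a7ff840262e3ba4f7a1a4e84c68ce58223143ec5e311c82c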
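--- a/data/bin/cryptic
+++ b/data/bin/cryptic
@@ -62,7 +62,7 @@ class CrypticCLI < Thor
 method_option :passphrase, aliases: %w[-p], default: nil, desc: 'The passphrase to generate the private key with'
 method_option :path, aliases: %w[-o], default: '.', desc: 'Where to place the generated keys'
 def generate
-keypair = Cryptic::Keypair.
+keypair = Cryptic::Keypair.generate(options[:passphrase], options[:bits])
 keypair.save(options[:path])
 $stdout.puts "Generated keys saved as '#{File.expand_path(options[:path])}/cryptic_public.pem' and '#{File.expand_path(options[:path])}/cryptic_private.pem'"
 rescue Cryptic::KeyGenerationFailure => e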
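Review bot: The passphrase given with `-p` reaches `generate` but never reaches `save`: `keypair.save(options[:path])` leaves `save` on its default `passphrase: nil`, and the initializer's doc comment in keypair.rb states the passphrase isn't saved, so whatever protects the written `cryptic_private.pem` does not come from the user's option (with a cipher and a nil passphrase OpenSSL presumably falls back to prompting). Passing it explicitly, e.g. `keypair.save(options[:path], cipher: OpenSSL::Cipher::AES256.new(:CBC), passphrase: options[:passphrase])`, would close that gap; the cipher has to be repeated because `save`'s default hash is replaced rather than merged. `options[:bits]` is not among the `method_option` lines visible here; if it is not declared above the hunk it is nil and overrides `generate`'s `size = 2048` default. The body of `generate` continues past the end of this hunk.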
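--- a/data/cryptic_private.pem
+++ b/data/cryptic_private.pem
@@ -1,30 +1,30 @@
 -----BEGIN RSA PRIVATE KEY-----
 Proc-Type: 4,ENCRYPTED
-DEK-Info: AES-256-CBC,
+DEK-Info: AES-256-CBC,16AE475ED7BBA9616BCC2ED1DD9767BA
 
-
-
-
-
-
-/
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-+
-
-
-
+2Q9bz24t9hKHCWtyP5PIETJyRUjrFJ+lLcBekXecjhGmjKNrJLPb5cE4GchEIUGs
+scRYO/UFntbBz+FVHk9pHMyl6ZEyF2notsgvw53EZoOHHjRbZhTI+jMZnpgA6fI2
+TjCyA2o91YyWBL07HxwlHntzyQ1X8CPsju9zAIV1rFPPC84Udkj5Ze5Gq/B9gRQH
+gKPSoW7HnixFrhn2tKYvCZo2AoTlgzuTNpcQa+wiXlDf99pvcqJ7+UtXqrRK5WHx
+gfm0TpZXZx9Pjq8PiV8nolkoGXgtnv9H5tTNFeFxz2KV/qFpllWYJc0MUQGC5+Wn
+rScUb44g0+wvnO28jT1TmCgIwmZVHrHR+19fhgg6bK/h2RiO1e1+vRk82ird4Izf
+O85mdsDC6fKCB0vwgvRTXpyo8fuo9yVYwZEdW3oW3xHi7wZ2Lu+2qG8gg3EAhU5Q
+K56e4sLeZVRZ7ElgNQUMgJpS3A5b9OgK9NyZRY7YwS8xJPeypn92Z5wOoSexypL/
+66EuALauS3Y2vBbD91i4Zu+MMCialWvkSnTVA9gwvgkfzc1Db0VJ6B36epDHvv0f
+ZFPKjiq1qK2u6sefSjRrICcqo7zYq4g5PTlcKh2gqJi3jPCXsBNa6RP2L3astvsf
+DkoyNg3fpS0eul+uomaiULyzm44Zgo2sitW6BziEzgAe4Nf5aCmec5EqtSSsi0/h
+p+hwZN38gK1wMNuasPJFaulXNv1SFhPzi1Vjr0xL+PatbqxcNikf1sL/u+PUb029
+cecDIZ+eKqbiYHaTaRd05RyIq7GQtmbQC18n4EQIvpVrc82cKtkpSNGTymSP/kHr
+tRiIx3WuGyzGmxYUVb/i1zZLwPJ/7wwIMW51Hh3H7TO9jcU/APHyP+MLXi0CDTWv
+XHkAsjz+gu/cqrRa/JeMQCYf/e7RgTew4bpBcmpI+bCWixMbAeL72bwClJjUbbwz
+tiF7XCiQgaD3st+l7GzkAHf55xL0qptcs/d/JsLBlNCF+Vc+7rpGJyCCHcM/stGz
+Y76E43Pd++P/steFLInzNZWZqjK0FNBTr1GfWPlYEFkpKeW/I0Cz3B4JPu1et8wx
+zdjmRe/0Q+O+b9I4Ox+KhxkUnQz7O3qsJ5om1TJNEaSE5yw0mBbLNzh84Lml4C9a
+qU3VxMJMngZMFuc9cnjogsBfbk10r4+zJ3c+YDq60pwn8gDuHQmSejxtHQhI5l+P
+QPN2cVgSVIQlOiYXZaCjSshlAJ6Hbm5BEDseaYb1ponARYFqChMtqa+gOC8V9mMq
+cTgncYYaCoi5EXNdLToE7pLp5vgEX0yN1aNvQPog5sYQgaHe03tOLK0ncdIryqtW
+PdRbqb+KgJPN+AI+n0CP9b+ucpjqQqEZe2H9oqgLtltYIRj3ads5/8tTWMhBqFpE
+bE8wwHIbp65f7fun3PAtMKNSq7QMdWxpuM10ECpzZR9r6hRzSjMwQpzRlm2N3pXj
+z5Ib4IIU/jKo2Vkn3ZzWwSbZLbDQRy8kYxHbudNKqCaSk8EhknNwNyWi1P3AtiHw
+k2CPcMSXvBo2cenorQbmkOgWboateZdlx8Sjpwfpd4WhiwHRsjxo3PSuzzhPWLP9
 -----END RSA PRIVATE KEY-----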
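Review bot: An RSA private key is being published inside the gem: `cryptic_private.pem` sits at the package root and is regenerated between the two releases, which looks like output of running the CLI in the project directory rather than an intended fixture. The `Proc-Type: 4,ENCRYPTED` / `DEK-Info` header is the legacy PEM encryption, whose key derivation is fast and non-iterated, so the passphrase is the only thing protecting a key that every installer of the gem receives. Both `.pem` files should be excluded from the gemspec `files` list and from version control, and any keypair that shipped this way should be treated as disposable and never reused.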
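--- a/data/cryptic_public.pem
+++ b/data/cryptic_public.pem
@@ -1,9 +1,9 @@
 -----BEGIN PUBLIC KEY-----
-
-
-
-
-
-
-
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA77uynFjDr8QenZojWGao
+beqNoMB7f64QmTa7dnLgU1VDtkBn4ni3lzCXbaILvNb3fSP26qnry1vbJmxxJxd+
+Vbz1Uo34+xGNmXRnQirY4PyOXrz6PhYScua/JvCr+mUo5tBz7SowG1UuH2eMWLyS
+pcttlnNFaPGeuXkSuaO95ObLcXJIJgQdvFB+yccjLV218GjYR4ncYmOGXs+lxQWI
+wywF2T160228JXWtNHwAfDe7cNUlgAknopMsTYuekMvDE9VB+vF0J+n+iRaQ3sOE
+oqyPBuRJii3fG3h/F6sB/cOvBwd5J688u7LVRHbQJ/5IQ33WOAb36GBv13uoEv7Y
+RwIDAQAB
 -----END PUBLIC KEY-----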
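--- a/data/lib/cryptic/keypair.rb
+++ b/data/lib/cryptic/keypair.rb
@@ -16,7 +16,7 @@ module Cryptic
 # Initializes a Cryptic::Keypair object from a private/public keypair
 #
 # @note The passphrase isn't saved
-# @todo
+# @todo Code clean up between initialize and generate!
 # @todo Validate that keys are public/private
 # @param [String] private_key the private key (or file) to use
 # @param [Hash] opts additional options to configure your Keypair with
@@ -25,32 +25,41 @@ module Cryptic
 # from
 # @return [Keypair] the initialized Cryptic::Keypair object
 def initialize(private_key, opts = { public_key: nil, passphrase: nil })
-
-
-
-
-private_key
-
-
-
-
-
-
-
-
-
+if private_key.is_a? OpenSSL::PKey::RSA
+@private_key = private_key
+elsif !private_key.to_pem.eql? ''
+@private_key = OpenSSL::PKey::RSA.new(
+if File.exists?(private_key)
+File.read(private_key)
+else
+private_key
+end,
+opts[:passphrase]
+)
+unless @private_key.private?
+raise(
+Cryptic::InvalidKey,
+"Public key '#{private_key}' provided as a private key."
+)
+end
 end
 
-
-
-
-
-opts[:public_key]
-
-
-
-
-
+if public_key.is_a? OpenSSL::PKey::RSA
+@public_key = public_key
+else
+@public_key = OpenSSL::PKey::RSA.new(
+if opts[:public_key] && File.exists?(opts[:public_key].to_s)
+File.read(opts[:public_key])
+elsif opts[:public_key]
+opts[:public_key]
+else
+require 'pry'
+binding.pry
+@private_key or raise(Cryptic::KeyNotFound)
+end,
+opts[:passphrase]
+).public_key
+end
 rescue OpenSSL::PKey::RSAError => e
 if e.message.eql? 'Neither PUB key nor PRIV key:: not enough data'
 if @private_key.nil?
@@ -73,16 +82,21 @@ module Cryptic
 # @param [Fixnum] size the amount of bits to use in your key
 # @return [Keypair] an object representing a private/public keypair
 def self.generate(passphrase = nil, size = 2048)
-# OPTIMIZE: There are so many hammers in here it looks like we're playing
-# Whack-a-mole
 # TODO: Find a better way to handle retries
 attempts ||= 0
 attempts += 1
 
-rsa_key = OpenSSL::PKey::RSA.new(size)
-cipher
+rsa_key = OpenSSL::PKey::RSA.new(size, passphrase)
+cipher = OpenSSL::Cipher::AES256.new(:CBC)
 
-new(
+new(
+rsa_key,
+{
+cipher: cipher,
+public_key: rsa_key.public_key,
+passphrase: passphrase
+}
+)
 rescue OpenSSL::PKey::RSAError => e
 if e.message =~ /^read key$/
 retry unless attempts > 1
@@ -97,19 +111,22 @@ module Cryptic
 # @todo Document what save may raise
 # @todo Update this method
 # @return [String] returns the path files were saved to
-def save(path = '.')
-
+def save(path = '.', opts = { cipher: OpenSSL::Cipher::AES256.new(:CBC), passphrase: nil})
+priv = @private_key.to_pem(opts[:cipher], opts[:passphrase])
+pub = (opts[:public_key] || @public_key || @private_key.public_key).to_pem
+
+if priv.eql?('') || pub.eql?('')
 raise Cryptic::KeyGenerationFailure, "The keypair was never successfully generated"
 end
 
 FileUtils.mkdir_p(File.dirname(path))
 
 File.open("#{File.expand_path(path)}/cryptic_private.pem", 'w') do |file|
-file.write
+file.write priv
 end
 
 File.open("#{File.expand_path(path)}/cryptic_public.pem", 'w') do |file|
-file.write
+file.write pub
 end
 
 path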
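Review bot: The new public-key branch of `initialize` ships a debugger breakpoint: when no `:public_key` option is given it runs `require 'pry'` and `binding.pry` before falling back to `@private_key`. In a released gem this either raises `LoadError` where pry is not installed or halts the process in an interactive session inside key-handling code; the `else` arm should contain only `@private_key or raise(Cryptic::KeyNotFound)`. In `generate`, `OpenSSL::PKey::RSA.new(size, passphrase)` puts the passphrase in the position the key-generating form of `RSA.new` uses for the public exponent, so it should stay `OpenSSL::PKey::RSA.new(size)` with the passphrase applied only at `to_pem`. In `save`, the whole-hash default `opts = { cipher: ..., passphrase: nil }` is replaced rather than merged when a caller passes any option, so `save(path, passphrase: 'x')` reaches `to_pem(nil, 'x')` and, as far as I can tell, writes the private key unencrypted; merging caller options over the defaults would avoid that. `initialize`, `generate` and `save` all continue outside the visible hunks.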
data/lib/cryptic/version.rb
CHANGED