hiera-crypt 0.2.1 → 0.3
- data/bin/hiera-crypt +2 -2
- data/hiera-crypt.gemspec +2 -2
- data/lib/hiera/backend/crypt_backend.rb +1 -1
- data/lib/passwordbox.rb +9 -10
- metadata +5 -4
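--- a/data/bin/hiera-crypt
+++ b/data/bin/hiera-crypt
@@ -44,9 +44,9 @@ crypto = PasswordBox.new(password)
 in_file = input == '-' ? STDIN : File.open(input, 'r')
 
 if mode == :encrypt
-out = crypto.box(in_file.read
+out = crypto.box(in_file.read)
 elsif mode == :decrypt
-out = crypto.open(in_file.read
+out = crypto.open(in_file.read)
 end
 
 out_file = output == '-' ? STDOUT : File.open(output, 'w')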
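Review bot: `File.open(output, 'w')` on the last visible line creates the output file with the process's default permissions, and in `:decrypt` mode that file holds the plaintext secrets. Passing an explicit mode, `out_file = output == '-' ? STDOUT : File.open(output, 'w', 0600)`, keeps a newly created file readable by its owner only; the mode applies only at creation, so an existing file keeps its permissions. Neither `in_file` nor `out_file` is closed in the visible lines, and `out` stays nil when `mode` is neither value. The script continues outside the hunk, so both may be handled there.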
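--- a/data/hiera-crypt.gemspec
+++ b/data/hiera-crypt.gemspec
@@ -4,7 +4,7 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 
 Gem::Specification.new do |spec|
 spec.name = "hiera-crypt"
-spec.version = "0.
+spec.version = "0.3"
 spec.authors = ["Carl Jackson"]
 spec.email = ["carl@avtok.com"]
 spec.description = "Encrypted file backend for Hiera"
@@ -20,7 +20,7 @@ Gem::Specification.new do |spec|
 
 spec.add_dependency "hiera", "~> 1.2.1"
 spec.add_dependency "pbkdf2", "~> 0.1.0"
-spec.add_dependency "rbnacl", "~>
+spec.add_dependency "rbnacl", "~> 2.0"
 
 spec.add_development_dependency "bundler", "~> 1.3"
 spec.add_development_dependency "rake"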
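--- a/data/lib/passwordbox.rb
+++ b/data/lib/passwordbox.rb
@@ -1,10 +1,10 @@
-require '
+require 'base64'
 require 'pbkdf2'
-require '
+require 'rbnacl'
 
 # A SecretBox that (like RandomNonceBox) automatically generates a suitable
 # nonce, but also which uses PBKDF2 to derive a password of the right length.
-class PasswordBox <
+class PasswordBox < RbNaCl::SecretBox
 DEFAULT_PBKDF2_ITERS = 5000
 
 # Create a new PasswordBox
@@ -18,14 +18,14 @@ class PasswordBox < Crypto::SecretBox
 # a random nonce.
 #
 # @param message [String] The message to encrypt
-# @param encoding [Symbol] Encoding for the returned ciphertext
 #
 # @return [String] The encrypted message
-def box(message
+def box(message)
 nonce = generate_nonce
 salt, iters, @key = generate_key
 ciphertext = super(nonce, message)
-
+
+Base64.encode64(nonce + salt + iters + ciphertext)
 end
 alias encrypt box
 
@@ -33,13 +33,12 @@ class PasswordBox < Crypto::SecretBox
 # the message.
 #
 # @param enciphered_message [String] The message to decrypt
-# @param encoding [Symbol] Encoding for the given ciphertext
 #
 # @raise [CryptoError] If the message has been tampered with.
 #
 # @return [String] The plaintext of the message
-def open(enciphered_message
-decoded =
+def open(enciphered_message)
+decoded = Base64.decode64(enciphered_message)
 nonce, salt, iters, ciphertext = extract(decoded)
 @key = generate_key(salt, iters).last
 super(nonce, ciphertext)
@@ -48,7 +47,7 @@ class PasswordBox < Crypto::SecretBox
 
 private
 def generate_nonce
-
+RbNaCl::Random.random_bytes(nonce_bytes)
 end
 def generate_key(salt=nil, iters=DEFAULT_PBKDF2_ITERS)
 salt ||= generate_nonce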
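Review bot: In `open`, `salt` and `iters` are taken from the decoded message by `extract` and passed to `generate_key` before `super(nonce, ciphertext)` authenticates anything, so a corrupted or crafted file decides how much PBKDF2 work the reader performs. Tampering is still rejected by the SecretBox authenticator, but only after the derivation has run; a range check ahead of `generate_key`, e.g. `raise ArgumentError, 'PBKDF2 iteration count out of range' unless iters.between?(MIN_PBKDF2_ITERS, MAX_PBKDF2_ITERS)` (two new constants, and assuming `extract` returns the count as an Integer), bounds that cost. `extract` and the rest of `generate_key` lie outside the hunks, so such a check may already exist there. `DEFAULT_PBKDF2_ITERS = 5000` is also low for a password-derived key, and since `box` appears to store the count in each message, raising the default should not break decryption of existing files.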
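--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: hiera-crypt
 version: !ruby/object:Gem::Version
-version: 0.
+version: '0.3'
 prerelease:
 platform: ruby
 authors:
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2014-03-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: hiera
@@ -50,7 +50,7 @@ dependencies:
 requirements:
 - - ~>
 - !ruby/object:Gem::Version
-version:
+version: '2.0'
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
@@ -58,7 +58,7 @@ dependencies:
 requirements:
 - - ~>
 - !ruby/object:Gem::Version
-version:
+version: '2.0'
 - !ruby/object:Gem::Dependency
 name: bundler
 requirement: !ruby/object:Gem::Requirement
@@ -153,3 +153,4 @@ test_files:
 - test/hiera-file.yaml
 - test/hiera-inline.yaml
 - test/password
+has_rdoc: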