lockness 0.1.0 → 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +18 -1
- data/bin/lockness +1 -12
- data/lib/lockness/content.rb +12 -5
- data/lib/lockness/decrypt.rb +23 -0
- data/lib/lockness/edit.rb +5 -5
- data/lib/lockness/{secret_file.rb → encrypted_file.rb} +3 -15
- data/lib/lockness/master_key.rb +1 -1
- data/lib/lockness/path_builder.rb +15 -0
- data/lib/lockness/setup.rb +20 -0
- data/lib/lockness/show.rb +17 -5
- data/lib/lockness/version.rb +1 -1
- data/lib/lockness.rb +8 -0
- metadata +7 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: b98cede040b3978d3e632eed0ef4c419705aa575830f89a0f833924d335dc9aa
|
4
|
+
data.tar.gz: a9f960a5295d0616f78a31652514043d34cffa4bdcc84d645bc7e7e81735c023
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 15b2444f0d0751ac5c027cd652e75d49f63e3219dfc651079a135d6253984d8a19f8c7eb6f97ae0f2608278002b18723663917c203322a58023e7d1d2c51c1c6
|
7
|
+
data.tar.gz: ac6de43d94d50c0d053d772ce5c283aaadba92b07f0bbda97a6dbafba2b51c36656118a475c4a127cfabc4a8a4b34ad79ec4ddbf56eac3edeff42f211e468a41
|
data/README.md
CHANGED
@@ -1,3 +1,20 @@
|
|
1
1
|
# Lockness
|
2
2
|
|
3
|
-
|
3
|
+
Lockness manages encrypted files from the command line and from within your program.
|
4
|
+
|
5
|
+
It provides similar functionality to the `rails credentials:show` and `rails credentials:edit` tasks but can be used for any file in a plain old ruby app.
|
6
|
+
|
7
|
+
# Usage -- Command Line
|
8
|
+
|
9
|
+
```
|
10
|
+
lockness init # generates a master.key
|
11
|
+
lockness edit <filename> # create or edit a new file
|
12
|
+
lockness show <filename> # view an encrypted file
|
13
|
+
lockness # show this help
|
14
|
+
```
|
15
|
+
|
16
|
+
# Usage -- Within application
|
17
|
+
|
18
|
+
```ruby
|
19
|
+
Lockness.decrypt('<path to encrypted file>')
|
20
|
+
```
|
data/bin/lockness
CHANGED
@@ -1,16 +1,5 @@
|
|
1
1
|
#!/usr/bin/env ruby
|
2
2
|
|
3
|
-
|
4
|
-
require 'base64'
|
5
|
-
require 'digest/sha2'
|
6
|
-
require 'openssl'
|
7
|
-
require 'securerandom'
|
8
|
-
require 'tempfile'
|
9
|
-
|
10
|
-
lib_file_glob = "#{__dir__}/../lib/**/*.rb"
|
11
|
-
|
12
|
-
Dir.glob(lib_file_glob).each do |file|
|
13
|
-
require_relative file
|
14
|
-
end
|
3
|
+
require_relative '../lib/lockness'
|
15
4
|
|
16
5
|
Lockness.start
|
data/lib/lockness/content.rb
CHANGED
@@ -1,18 +1,25 @@
|
|
1
1
|
module Lockness
|
2
2
|
class Content
|
3
3
|
|
4
|
-
attr_reader :
|
4
|
+
attr_reader :encrypted_file,
|
5
5
|
:message_encryptor,
|
6
6
|
:encrypted
|
7
7
|
|
8
|
-
def initialize
|
9
|
-
@
|
8
|
+
def initialize(encrypted_file:)
|
9
|
+
@encrypted_file = encrypted_file
|
10
10
|
@message_encryptor = ActiveSupport::MessageEncryptor.new(MasterKey.new.read)
|
11
|
-
@encrypted =
|
11
|
+
@encrypted = encrypted_file.read
|
12
12
|
end
|
13
13
|
|
14
14
|
def plain
|
15
15
|
message_encryptor.decrypt_and_verify(encrypted)
|
16
|
+
|
17
|
+
rescue ActiveSupport::MessageVerifier::InvalidSignature => exception
|
18
|
+
puts "Unable to decrypt using the master.key."
|
19
|
+
puts
|
20
|
+
puts "Please double check that the master.key is correct."
|
21
|
+
|
22
|
+
exit 1
|
16
23
|
end
|
17
24
|
|
18
25
|
def update(new_plain_content)
|
@@ -20,7 +27,7 @@ module Lockness
|
|
20
27
|
|
21
28
|
encrypted_content = message_encryptor.encrypt_and_sign(new_plain_content)
|
22
29
|
|
23
|
-
|
30
|
+
encrypted_file.save(encrypted_content)
|
24
31
|
end
|
25
32
|
|
26
33
|
private
|
@@ -0,0 +1,23 @@
|
|
1
|
+
module Lockness
|
2
|
+
class Decrypt
|
3
|
+
|
4
|
+
attr_reader :encrypted_file
|
5
|
+
|
6
|
+
def initialize(path:)
|
7
|
+
@encrypted_file = EncryptedFile.new(path: path)
|
8
|
+
|
9
|
+
file_not_found unless encrypted_file.exist?
|
10
|
+
end
|
11
|
+
|
12
|
+
def decrypt
|
13
|
+
Content.new(encrypted_file: encrypted_file).plain
|
14
|
+
end
|
15
|
+
|
16
|
+
private
|
17
|
+
|
18
|
+
def file_not_found
|
19
|
+
raise "Could not find the file '#{encrypted_file.path}'"
|
20
|
+
end
|
21
|
+
|
22
|
+
end
|
23
|
+
end
|
data/lib/lockness/edit.rb
CHANGED
@@ -1,26 +1,26 @@
|
|
1
1
|
module Lockness
|
2
2
|
class Edit
|
3
3
|
|
4
|
-
attr_reader :
|
4
|
+
attr_reader :encrypted_file,
|
5
5
|
:content,
|
6
6
|
:temp_file
|
7
7
|
|
8
8
|
def initialize
|
9
|
-
@
|
10
|
-
@content = Content.new
|
9
|
+
@encrypted_file = EncryptedFile.new(path: PathBuilder.path)
|
10
|
+
@content = Content.new(encrypted_file: encrypted_file)
|
11
11
|
@temp_file = Tempfile.new
|
12
12
|
end
|
13
13
|
|
14
14
|
def edit
|
15
15
|
ensure_temp_file_deleted
|
16
16
|
|
17
|
-
if
|
17
|
+
if encrypted_file.exist?
|
18
18
|
edit_existing
|
19
19
|
else
|
20
20
|
edit_new
|
21
21
|
end
|
22
22
|
|
23
|
-
puts "File saved: #{
|
23
|
+
puts "File saved: #{encrypted_file.encrypted_path}"
|
24
24
|
end
|
25
25
|
|
26
26
|
private
|
@@ -1,10 +1,10 @@
|
|
1
1
|
module Lockness
|
2
|
-
class
|
2
|
+
class EncryptedFile
|
3
3
|
|
4
4
|
attr_reader :path
|
5
5
|
|
6
|
-
def initialize
|
7
|
-
@path =
|
6
|
+
def initialize(path:)
|
7
|
+
@path = path
|
8
8
|
end
|
9
9
|
|
10
10
|
def exist?
|
@@ -33,17 +33,5 @@ module Lockness
|
|
33
33
|
File.write(encrypted_path, encrypted_content)
|
34
34
|
end
|
35
35
|
|
36
|
-
private
|
37
|
-
|
38
|
-
def build_path
|
39
|
-
path_arg = ARGV.last
|
40
|
-
|
41
|
-
if path_arg.starts_with?('/')
|
42
|
-
path_arg
|
43
|
-
else
|
44
|
-
File.join(Dir.pwd, path_arg)
|
45
|
-
end
|
46
|
-
end
|
47
|
-
|
48
36
|
end
|
49
37
|
end
|
data/lib/lockness/master_key.rb
CHANGED
@@ -0,0 +1,20 @@
|
|
1
|
+
module Lockness
|
2
|
+
module Setup
|
3
|
+
|
4
|
+
def self.setup
|
5
|
+
require 'active_support/all'
|
6
|
+
require 'base64'
|
7
|
+
require 'digest/sha2'
|
8
|
+
require 'openssl'
|
9
|
+
require 'securerandom'
|
10
|
+
require 'tempfile'
|
11
|
+
|
12
|
+
require_relative '../lockness'
|
13
|
+
|
14
|
+
Dir.glob("#{__dir__}/*.rb").each do |file|
|
15
|
+
require_relative file
|
16
|
+
end
|
17
|
+
end
|
18
|
+
|
19
|
+
end
|
20
|
+
end
|
data/lib/lockness/show.rb
CHANGED
@@ -1,21 +1,33 @@
|
|
1
1
|
module Lockness
|
2
2
|
class Show
|
3
3
|
|
4
|
-
attr_reader :
|
4
|
+
attr_reader :encrypted_file
|
5
5
|
|
6
6
|
def initialize
|
7
|
-
@
|
7
|
+
@encrypted_file = EncryptedFile.new(path: PathBuilder.path)
|
8
8
|
end
|
9
9
|
|
10
10
|
def show
|
11
|
-
if
|
12
|
-
puts Content.new.plain
|
11
|
+
if encrypted_file.exist?
|
12
|
+
puts Content.new(encrypted_file: encrypted_file).plain
|
13
13
|
else
|
14
|
-
puts "No file at #{
|
14
|
+
puts "No file at #{encrypted_file.encrypted_path}"
|
15
15
|
|
16
16
|
exit 1
|
17
17
|
end
|
18
18
|
end
|
19
19
|
|
20
|
+
private
|
21
|
+
|
22
|
+
def build_path
|
23
|
+
path_arg = ARGV.last
|
24
|
+
|
25
|
+
if path_arg.starts_with?('/')
|
26
|
+
path_arg
|
27
|
+
else
|
28
|
+
File.join(Dir.pwd, path_arg)
|
29
|
+
end
|
30
|
+
end
|
31
|
+
|
20
32
|
end
|
21
33
|
end
|
data/lib/lockness/version.rb
CHANGED
data/lib/lockness.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: lockness
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.2.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Sean Lerner
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-06-01 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|
@@ -153,11 +153,14 @@ files:
|
|
153
153
|
- bin/lockness
|
154
154
|
- lib/lockness.rb
|
155
155
|
- lib/lockness/content.rb
|
156
|
+
- lib/lockness/decrypt.rb
|
156
157
|
- lib/lockness/edit.rb
|
158
|
+
- lib/lockness/encrypted_file.rb
|
157
159
|
- lib/lockness/ensure_master_key_git_ignored.rb
|
158
160
|
- lib/lockness/help.rb
|
159
161
|
- lib/lockness/master_key.rb
|
160
|
-
- lib/lockness/
|
162
|
+
- lib/lockness/path_builder.rb
|
163
|
+
- lib/lockness/setup.rb
|
161
164
|
- lib/lockness/show.rb
|
162
165
|
- lib/lockness/version.rb
|
163
166
|
- lockness.gemspec
|
@@ -181,7 +184,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
181
184
|
- !ruby/object:Gem::Version
|
182
185
|
version: '0'
|
183
186
|
requirements: []
|
184
|
-
rubygems_version: 3.3.
|
187
|
+
rubygems_version: 3.3.7
|
185
188
|
signing_key:
|
186
189
|
specification_version: 4
|
187
190
|
summary: Manage encrypted secrets
|