mobile-secrets 0.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/Rakefile +8 -0
- data/bin/mobile_secrets +79 -0
- data/lib/resources/SecretsTemplate.swift +28 -0
- data/lib/resources/example.yml +7 -0
- data/lib/src/obfuscator.rb +25 -0
- data/lib/src/secrets_handler.rb +52 -0
- data/test/test_hola.rb +16 -0
- metadata +66 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: a9f48f6af86d79fd2f694310798cda1b54670f40304cbe0876fb61a40b4c6739
|
4
|
+
data.tar.gz: a4403ff092fad34464d0a0ae0d8d9dc87b85e4b1638c63fab2c762581128b3f3
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 3442ea2659d61830a1b8a1e49e3079f93229e4005570e6df9b9e24c84337c1b6f61fd9dea659081f75544a0629694e4ede31bba25930d4af8563e9f633c9ea2a
|
7
|
+
data.tar.gz: 2691439ba43228edd9d475471a903344fc8a2da58aae09ce611b9d590ec997984ce7daaab4d3b9490b42ebc21a0d3a31ff798d4bf5c3f176e0d5876dc9cbfa40
|
data/Rakefile
ADDED
data/bin/mobile_secrets
ADDED
@@ -0,0 +1,79 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
require_relative '../lib/src/secrets_handler'
|
3
|
+
require "dotgpg"
|
4
|
+
|
5
|
+
module MobileSecrets
|
6
|
+
class Cli
|
7
|
+
|
8
|
+
def header
|
9
|
+
"Mobile Secrets HELP:
|
10
|
+
##############################################################################################################################
|
11
|
+
## %# #%%%( ##% ,%%% (%%/ *%%%% ,%%%/ .%%( (%%, #%%%#.(%%# #%%*.#%%% ,%%%%%.%%%%. #%%%%.#%%%.*%% %%%%*#%% ##
|
12
|
+
## % #%%%( % *%%%# /%%%( *%%%% %%%%, %%%* %, (%%%# #( .%%%( %% (%%%# %%%% %%%%. .%.*% %%%%* #% ##
|
13
|
+
## #%%%( %%%%# /%%%% *%%%% %%%%. .%%%%%%#. (%%%( ,% %%%%( ,# (%%%# .%%%% .%%%%. (* ,( %%%%* .# ##
|
14
|
+
## #%%%( %%%%# /%%%% /%%%% *%%%* *%%%%%%%% (%%%((%% %%%%( (%%%#.#%#, .%%%%.%%* %%%%, ##
|
15
|
+
## #%%%( #%%%# /%%%% /%%%% .( (%%%%%# (%%%( ,% %%%%( (%%%# *%%%# .%%%%. #* %%%%, ##
|
16
|
+
## %%%%( %%%# /%%%. /%%%% ,%, %%%/ (%%%( (# (%%%( *# #%%%# .%%%% .%%%% #, %%%%, ##
|
17
|
+
## %%%%%%( /%%**%%( ,%%%%%( ,%%#. /%%* #%%%(./%%# *%%# .## #%%%# .%%%%#/ .%%%% ,%%, %%%%, ##
|
18
|
+
##############################################################################################################################"
|
19
|
+
end
|
20
|
+
|
21
|
+
def options
|
22
|
+
opt = ""
|
23
|
+
opt << "--init-gpg PATH \t\tInitialize GPG in the directory.\n"
|
24
|
+
opt << "--create-template \t\tCreates a template yml file to configure the MobileSecrets\n"
|
25
|
+
opt << "--import SECRETS_PATH \tAdds MobileSecrets to GPG secrets\n"
|
26
|
+
opt << "--export PATH \t\t\tCreates source file with obfuscated secrets at given PATH\n"
|
27
|
+
opt << "--usage \t\t\tManual for using MobileSecrets.\n\n"
|
28
|
+
opt << "Examples:\n"
|
29
|
+
opt << "--import \"./MobileSecrets.yml\"\n"
|
30
|
+
opt << "--export \"./Project/Src\"\n"
|
31
|
+
opt << "--init-gpg \".\""
|
32
|
+
opt
|
33
|
+
end
|
34
|
+
|
35
|
+
def usage
|
36
|
+
usage = ""
|
37
|
+
usage << "1) Create gpg first with --init-gpg \".\"\n"
|
38
|
+
usage << "2) Create a template for MobileSecrets with --create-template\n"
|
39
|
+
usage << "3) Configure MobileSecrets.yml with your hash key, secrets etc\n"
|
40
|
+
usage << "4) Import edited template to encrypted secret.gpg with --import\n"
|
41
|
+
usage << "5) Export secrets from secrets.gpg to source file with --export and PATH to project\n"
|
42
|
+
usage << "6) Add exported source file to the project\n"
|
43
|
+
end
|
44
|
+
|
45
|
+
def perform_action command, argv_1, argv_2
|
46
|
+
case command
|
47
|
+
when "--create-template"
|
48
|
+
FileUtils.cp("#{__dir__}/../lib/resources/example.yml", "#{Dir.pwd}#{File::SEPARATOR}MobileSecrets.yml")
|
49
|
+
when "--export"
|
50
|
+
print_options if argv_1 == nil
|
51
|
+
|
52
|
+
secrets_handler = MobileSecrets::SecretsHandler.new
|
53
|
+
secrets_handler.export_secrets argv_1
|
54
|
+
when "--init-gpg"
|
55
|
+
print_options if argv_1 == nil
|
56
|
+
|
57
|
+
Dotgpg::Cli.new.init(argv_1)
|
58
|
+
when "--import"
|
59
|
+
print_options if argv_1 == nil
|
60
|
+
|
61
|
+
dotgpg = Dotgpg::Dir.new("#{Dir.pwd}/")
|
62
|
+
file = IO.read argv_1
|
63
|
+
dotgpg.encrypt "./secrets.gpg", file
|
64
|
+
when "--usage"
|
65
|
+
puts usage
|
66
|
+
else
|
67
|
+
print_options
|
68
|
+
end
|
69
|
+
end
|
70
|
+
|
71
|
+
def print_options
|
72
|
+
puts "#{header}\n\n#{options}" #Wrong action selected
|
73
|
+
end
|
74
|
+
|
75
|
+
end
|
76
|
+
end
|
77
|
+
|
78
|
+
cmd, argv_1, argv_2 = ARGV[0], ARGV[1], ARGV[2]
|
79
|
+
MobileSecrets::Cli.new.perform_action cmd, argv_1, argv_2
|
@@ -0,0 +1,28 @@
|
|
1
|
+
//
|
2
|
+
// Autogenerated file by Mobile Secrets
|
3
|
+
//
|
4
|
+
|
5
|
+
import Foundation
|
6
|
+
|
7
|
+
class Secrets {
|
8
|
+
static let standard = Secrets()
|
9
|
+
/* SECRET BYTES */
|
10
|
+
|
11
|
+
private init() {}
|
12
|
+
|
13
|
+
func string(forKey key: String) -> String? {
|
14
|
+
guard let index = bytes.firstIndex(where: { String(data: Data($0), encoding: .utf8) == key }),
|
15
|
+
let value = decrypt(bytes[index + 1]) else { return nil }
|
16
|
+
return String(data: Data(value), encoding: .utf8)
|
17
|
+
}
|
18
|
+
|
19
|
+
private func decrypt(_ input: [UInt8]) -> [UInt8]? {
|
20
|
+
let key = bytes[0]
|
21
|
+
guard !key.isEmpty else { return nil }
|
22
|
+
var output = [UInt8]()
|
23
|
+
for byte in input.enumerated() {
|
24
|
+
output.append(byte.element ^ key[byte.offset % key.count])
|
25
|
+
}
|
26
|
+
return output
|
27
|
+
}
|
28
|
+
}
|
@@ -0,0 +1,7 @@
|
|
1
|
+
MobileSecrets:
|
2
|
+
hashKey: "KokoBelloKoko" # Key that will be used to hashed the secret values.
|
3
|
+
language: "Swift" # Swift is currently only supported language, Kotlin is coming soon.
|
4
|
+
secrets: # Key-value dictionary for secrets. The key is then referenced in the code to get the secret.
|
5
|
+
googleMaps: "123123123"
|
6
|
+
firebase: "asdasdasd"
|
7
|
+
amazon: "asd123asd123"
|
@@ -0,0 +1,25 @@
|
|
1
|
+
module MobileSecrets
|
2
|
+
class Obfuscator
|
3
|
+
|
4
|
+
def initialize obfuscation_keys
|
5
|
+
@obfuscation_keys = obfuscation_keys
|
6
|
+
end
|
7
|
+
|
8
|
+
def deobfuscate(obfuscated_secret)
|
9
|
+
xor_chiper(obfuscated_secret)
|
10
|
+
end
|
11
|
+
|
12
|
+
def obfuscate(secret)
|
13
|
+
xor_chiper(secret)
|
14
|
+
end
|
15
|
+
|
16
|
+
def xor_chiper(secret)
|
17
|
+
result = ""
|
18
|
+
codepoints = secret.each_codepoint.to_a
|
19
|
+
codepoints.each_index do |i|
|
20
|
+
result += (codepoints[i] ^ @obfuscation_keys[i % @obfuscation_keys.size].ord).chr
|
21
|
+
end
|
22
|
+
result
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
@@ -0,0 +1,52 @@
|
|
1
|
+
require "dotgpg"
|
2
|
+
require "yaml"
|
3
|
+
require_relative '../src/obfuscator'
|
4
|
+
|
5
|
+
module MobileSecrets
|
6
|
+
class SecretsHandler
|
7
|
+
|
8
|
+
def export_secrets path
|
9
|
+
decrypted_secrets = decrypt_secrets()
|
10
|
+
config = YAML.load(decrypted_secrets)["MobileSecrets"]
|
11
|
+
hash_key = config["hashKey"]
|
12
|
+
obfuscator = MobileSecrets::Obfuscator.new hash_key
|
13
|
+
|
14
|
+
bytes = [hash_key.bytes]
|
15
|
+
secrets_dict = config["secrets"]
|
16
|
+
|
17
|
+
secrets_dict.each do |key, value|
|
18
|
+
encrypted = obfuscator.obfuscate(value)
|
19
|
+
bytes << key.bytes << encrypted.bytes
|
20
|
+
end
|
21
|
+
|
22
|
+
inject_secrets(bytes, "#{path}/secrets.swift")
|
23
|
+
end
|
24
|
+
|
25
|
+
def inject_secrets(secret_bytes, file)
|
26
|
+
template = IO.read "#{__dir__}/../resources/SecretsTemplate.swift"
|
27
|
+
secret_bytes = "#{secret_bytes}".gsub "],", "],\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t"
|
28
|
+
bytes_variable = "private let bytes: [[UInt8]] = #{secret_bytes}"
|
29
|
+
swift_secrets = template.sub "/* SECRET BYTES */", bytes_variable
|
30
|
+
|
31
|
+
File.open(file, "w") { |f| f.puts swift_secrets }
|
32
|
+
end
|
33
|
+
|
34
|
+
private
|
35
|
+
|
36
|
+
def decrypt_secrets
|
37
|
+
gpg = Dotgpg::Dir.new "#{Dir.pwd}/"
|
38
|
+
output = StringIO.new
|
39
|
+
gpg.decrypt "#{Dir.pwd}/secrets.gpg", output
|
40
|
+
output.string
|
41
|
+
end
|
42
|
+
|
43
|
+
def extract_secrets_from secrets_payload
|
44
|
+
secrets = {}
|
45
|
+
secrets_payload.split("\n").each do |l|
|
46
|
+
keysWithsecret = l.split("=")
|
47
|
+
secrets[keysWithsecret[0].strip] = keysWithsecret[1].strip
|
48
|
+
end
|
49
|
+
secrets
|
50
|
+
end
|
51
|
+
end
|
52
|
+
end
|
data/test/test_hola.rb
ADDED
@@ -0,0 +1,16 @@
|
|
1
|
+
require 'test/unit'
|
2
|
+
require 'hola'
|
3
|
+
|
4
|
+
class HolaTest < Test::Unit::TestCase
|
5
|
+
def test_english_hello
|
6
|
+
assert_equal "hello world", Hola.hi("english")
|
7
|
+
end
|
8
|
+
|
9
|
+
def test_any_hello
|
10
|
+
assert_equal "hello world", Hola.hi("ruby")
|
11
|
+
end
|
12
|
+
|
13
|
+
def test_spanish_hello
|
14
|
+
assert_equal "hola mundo", Hola.hi("spanish")
|
15
|
+
end
|
16
|
+
end
|
metadata
ADDED
@@ -0,0 +1,66 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: mobile-secrets
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.0.1
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Cyril Cermak
|
8
|
+
- Joerg Nestele
|
9
|
+
autorequire:
|
10
|
+
bindir: bin
|
11
|
+
cert_chain: []
|
12
|
+
date: 2019-09-27 00:00:00.000000000 Z
|
13
|
+
dependencies:
|
14
|
+
- !ruby/object:Gem::Dependency
|
15
|
+
name: dotgpg
|
16
|
+
requirement: !ruby/object:Gem::Requirement
|
17
|
+
requirements:
|
18
|
+
- - '='
|
19
|
+
- !ruby/object:Gem::Version
|
20
|
+
version: 0.7.0
|
21
|
+
type: :runtime
|
22
|
+
prerelease: false
|
23
|
+
version_requirements: !ruby/object:Gem::Requirement
|
24
|
+
requirements:
|
25
|
+
- - '='
|
26
|
+
- !ruby/object:Gem::Version
|
27
|
+
version: 0.7.0
|
28
|
+
description: Handle mobile secrets the secure way with ease
|
29
|
+
email: cyril.cermakk@gmail.com
|
30
|
+
executables:
|
31
|
+
- mobile_secrets
|
32
|
+
extensions: []
|
33
|
+
extra_rdoc_files: []
|
34
|
+
files:
|
35
|
+
- Rakefile
|
36
|
+
- bin/mobile_secrets
|
37
|
+
- lib/resources/SecretsTemplate.swift
|
38
|
+
- lib/resources/example.yml
|
39
|
+
- lib/src/obfuscator.rb
|
40
|
+
- lib/src/secrets_handler.rb
|
41
|
+
- test/test_hola.rb
|
42
|
+
homepage: http://rubygems.org/gems/hola
|
43
|
+
licenses:
|
44
|
+
- MIT
|
45
|
+
metadata: {}
|
46
|
+
post_install_message:
|
47
|
+
rdoc_options: []
|
48
|
+
require_paths:
|
49
|
+
- lib
|
50
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - ">="
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '0'
|
55
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
56
|
+
requirements:
|
57
|
+
- - ">="
|
58
|
+
- !ruby/object:Gem::Version
|
59
|
+
version: '0'
|
60
|
+
requirements: []
|
61
|
+
rubygems_version: 3.1.0.pre1
|
62
|
+
signing_key:
|
63
|
+
specification_version: 4
|
64
|
+
summary: mobile-secrets tool for handling your mobile secrets
|
65
|
+
test_files:
|
66
|
+
- test/test_hola.rb
|