rcredstash 0.8.0 → 0.9.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/cred_stash.rb +2 -2
- data/lib/cred_stash/cipher_key.rb +5 -2
- data/lib/cred_stash/secret.rb +2 -2
- data/lib/cred_stash/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 400e378c187be7aabf11ec9b40c30481a28c7f7b
|
|
4
|
+
data.tar.gz: b30e9a9d3c57aa482e566b992c5f4522ce81fc79
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 59f2ca9b2e3359f05bf0131b02e5bdc7faefb568205f28b445b048d9807e4c3f492e35608c580000dcda3a0690b28db5cd368c22d97286653ec4ad4d9af21183
|
|
7
|
+
data.tar.gz: 630d47addd867cc9fd1e58d05bb642b7bf6a52857df2c26fef98eee6b6a23c05f17d6a3c7f725dae90f33f115f965a61335137e4812929f2a83060d84b671fd9
|
data/lib/cred_stash.rb
CHANGED
|
@@ -16,9 +16,9 @@ module CredStash
|
|
|
16
16
|
nil
|
|
17
17
|
end
|
|
18
18
|
|
|
19
|
-
def put(name, value, context: {})
|
|
19
|
+
def put(name, value, kms_key_id: nil, context: {})
|
|
20
20
|
secret = Secret.new(name: name, value: value, context: context)
|
|
21
|
-
secret.encrypt!
|
|
21
|
+
secret.encrypt!(kms_key_id: kms_key_id)
|
|
22
22
|
secret.save
|
|
23
23
|
end
|
|
24
24
|
|
|
@@ -1,9 +1,12 @@
|
|
|
1
1
|
class CredStash::CipherKey
|
|
2
|
+
DEFAULT_KMS_KEY_ID = "alias/credstash".freeze
|
|
3
|
+
|
|
2
4
|
attr_reader :data_key, :hmac_key, :wrapped_key
|
|
3
5
|
|
|
4
|
-
def self.generate(client: Aws::KMS::Client.new,
|
|
6
|
+
def self.generate(client: Aws::KMS::Client.new, kms_key_id: nil,
|
|
7
|
+
context: {})
|
|
5
8
|
res = client.generate_data_key(
|
|
6
|
-
key_id:
|
|
9
|
+
key_id: kms_key_id || DEFAULT_KMS_KEY_ID,
|
|
7
10
|
number_of_bytes: 64,
|
|
8
11
|
encryption_context: context
|
|
9
12
|
)
|
data/lib/cred_stash/secret.rb
CHANGED
|
@@ -10,8 +10,8 @@ class CredStash::Secret
|
|
|
10
10
|
@context = context
|
|
11
11
|
end
|
|
12
12
|
|
|
13
|
-
def encrypt!
|
|
14
|
-
@key = CredStash::CipherKey.generate(context: @context)
|
|
13
|
+
def encrypt!(kms_key_id: nil)
|
|
14
|
+
@key = CredStash::CipherKey.generate(kms_key_id: kms_key_id, context: @context)
|
|
15
15
|
@encrypted_value = @key.encrypt(@value)
|
|
16
16
|
@hmac = @key.hmac(@encrypted_value)
|
|
17
17
|
end
|
data/lib/cred_stash/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rcredstash
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.9.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- adorechic
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-04-
|
|
11
|
+
date: 2017-04-27 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk
|