secure_yaml 1.0.4 → 1.1.0

Sign up to get free protection for your applications and to get access to all the features.
data/README.md CHANGED
@@ -71,4 +71,17 @@ decrypted_yaml = SecureYaml::load(File.open('database.yml'))
71
71
  decrypted_yaml = SecureYaml::load(File.open('database.yml'), 'NEW_SECRET_KEY_PROPERTY_NAME')
72
72
  ```
73
73
 
74
+ ### Customising decryption
75
+
76
+ The default decryption method applied by this library when loading a YAML file is [AES-256-CFB](http://en.wikipedia.org/wiki/Advanced_Encryption_Standard).
77
+ However, if you wish to, you can specify your own custom decryption:
78
+
79
+ ```ruby
80
+ require 'secure_yaml'
81
+
82
+ decrypted_yaml = SecureYaml::load(File.open('database.yml')) do |secret_key, encrypted_data|
83
+ "decrypt data here from #{secret_key} and #{encrypted_data}"
84
+ end
85
+ ```
86
+
74
87
 
@@ -1,4 +1,5 @@
1
1
  require 'secure_yaml/loader'
2
+ require 'secure_yaml/cipher'
2
3
 
3
4
  module SecureYaml
4
5
 
@@ -6,16 +7,34 @@ module SecureYaml
6
7
 
7
8
  DEFAULT_SECRET_KEY_PROP_NAME = 'PROPERTIES_ENCRYPTION_PASSWORD'
8
9
 
9
- def self.load(yaml_file, secret_key_prop_name = DEFAULT_SECRET_KEY_PROP_NAME)
10
- SecureYaml::Loader.new(secret_key(secret_key_prop_name)).load(yaml_file)
10
+ def self.load(yaml_file, secret_key_prop_name = DEFAULT_SECRET_KEY_PROP_NAME, &decryption_block)
11
+ decryption_algorithm = block_given? ? custom_decryption_algorithm(decryption_block) : Cipher.new
12
+
13
+ yaml_loader(decryption_algorithm, retrieve_secret_key(secret_key_prop_name)).load(yaml_file)
11
14
  end
12
15
 
13
16
  private
14
17
 
15
- def self.secret_key(secret_key_prop_name)
18
+ def self.retrieve_secret_key(secret_key_prop_name)
16
19
  secret_key = ENV[secret_key_prop_name]
17
20
  raise "#{secret_key_prop_name} env property not found" if secret_key.nil?
18
21
  secret_key
19
22
  end
20
23
 
24
+ def self.custom_decryption_algorithm(decryption_block)
25
+ Class.new {
26
+ def initialize(decryption_block)
27
+ @decryption_block = decryption_block
28
+ end
29
+
30
+ def decrypt(secret_key, encrypted_data)
31
+ @decryption_block.call(secret_key, encrypted_data)
32
+ end
33
+ }.new(decryption_block)
34
+ end
35
+
36
+ def self.yaml_loader(decryption_algorithm, secret_key)
37
+ Loader.new(YamlDecrypter.new(decryption_algorithm, secret_key))
38
+ end
39
+
21
40
  end
@@ -11,7 +11,7 @@ module SecureYaml
11
11
  secret_key = command_line_args[0]
12
12
  plain_text = command_line_args[1]
13
13
 
14
- puts "#{SecureYaml::ENCRYPTED_PROPERTY_WRAPPER_ID}(#{SecureYaml::Cipher.new.encrypt(secret_key, plain_text)})"
14
+ puts "#{ENCRYPTED_PROPERTY_WRAPPER_ID}(#{Cipher.new.encrypt(secret_key, plain_text)})"
15
15
  end
16
16
 
17
17
  end
@@ -4,12 +4,12 @@ module SecureYaml
4
4
 
5
5
  class Loader
6
6
 
7
- def initialize(secret_key)
8
- @decrypter = YamlDecrypter.new(secret_key)
7
+ def initialize(yaml_decrypter)
8
+ @yaml_decrypter = yaml_decrypter
9
9
  end
10
10
 
11
11
  def load(yaml_file)
12
- @decrypter.decrypt(YAML::load(yaml_file))
12
+ @yaml_decrypter.decrypt(YAML::load(yaml_file))
13
13
  end
14
14
 
15
15
  end
@@ -1,5 +1,5 @@
1
1
  module SecureYaml
2
2
 
3
- VERSION = "1.0.4"
3
+ VERSION = "1.1.0"
4
4
 
5
5
  end
@@ -1,12 +1,11 @@
1
1
  require 'yaml'
2
- require 'secure_yaml/cipher'
3
2
 
4
3
  module SecureYaml
5
4
 
6
5
  class YamlDecrypter
7
6
 
8
- def initialize(secret_key, cipher = Cipher.new)
9
- @cipher = cipher
7
+ def initialize(decryption_algorithm, secret_key)
8
+ @decryption_algorithm = decryption_algorithm
10
9
  @secret_key = secret_key
11
10
  end
12
11
 
@@ -15,7 +14,7 @@ module SecureYaml
15
14
  when Hash
16
15
  yaml.inject({}) {|new_hash, (key, value)| new_hash[key] = decrypt(value); new_hash}
17
16
  when String
18
- yaml.gsub(/^#{ENCRYPTED_PROPERTY_WRAPPER_ID}\((.*)\)$/) {@cipher.decrypt(@secret_key, $1)}
17
+ yaml.gsub(/^#{ENCRYPTED_PROPERTY_WRAPPER_ID}\((.*)\)$/) {@decryption_algorithm.decrypt(@secret_key, $1)}
19
18
  else
20
19
  yaml
21
20
  end
@@ -6,14 +6,13 @@ describe 'Loader' do
6
6
  @encrypted_yaml = {:prop => 'encrypted'}
7
7
  @decrypted_yaml = {:prop => 'decrytped'}
8
8
  @decrypter = double(SecureYaml::YamlDecrypter)
9
- SecureYaml::YamlDecrypter.stub(:new).and_return(@decrypter)
10
9
  end
11
10
 
12
11
  it 'should load decrypted yaml file' do
13
12
  YAML.stub(:load).and_return(@encrypted_yaml)
14
13
  @decrypter.stub(:decrypt).with(@encrypted_yaml).and_return(@decrypted_yaml)
15
14
 
16
- yaml = SecureYaml::Loader.new('').load(double(File))
15
+ yaml = SecureYaml::Loader.new(@decrypter).load(double(File))
17
16
 
18
17
  yaml.should == @decrypted_yaml
19
18
  end
@@ -5,7 +5,7 @@ describe 'Yaml decrypter' do
5
5
  before(:each) do
6
6
  @secret_key = 'abc12345678'
7
7
  @cipher = double(SecureYaml::Cipher)
8
- @decrypter = SecureYaml::YamlDecrypter.new(@secret_key, @cipher)
8
+ @decrypter = SecureYaml::YamlDecrypter.new(@cipher, @secret_key)
9
9
  @decrypted_result = 'decrypted data'
10
10
  @plain_text = 'some plain text'
11
11
  end
@@ -7,7 +7,7 @@ describe 'SecureYaml' do
7
7
  @yaml = {:prop => 'test'}
8
8
  loader = double(SecureYaml::Loader)
9
9
  loader.stub(:load).and_return(@yaml)
10
- SecureYaml::Loader.stub(:new).with(@secret_key).and_return(loader)
10
+ SecureYaml::Loader.stub(:new).and_return(loader)
11
11
  end
12
12
 
13
13
  it 'should load decrypted yaml file' do
@@ -34,4 +34,14 @@ describe 'SecureYaml' do
34
34
  yaml.should == @yaml
35
35
  end
36
36
 
37
+ it 'should allow use of custom decryption algorithm' do
38
+ ENV[SecureYaml::DEFAULT_SECRET_KEY_PROP_NAME] = @secret_key
39
+
40
+ yaml = SecureYaml::load(double(File)) do |secret_key, encrypted_data|
41
+ "decrypt data here from #{secret_key} and #{encrypted_data}"
42
+ end
43
+
44
+ yaml.should == @yaml
45
+ end
46
+
37
47
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: secure_yaml
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.4
4
+ version: 1.1.0
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2012-07-20 00:00:00.000000000 Z
12
+ date: 2012-08-27 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: rspec