symmetric-encryption 4.1.2 → 4.1.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: '0081579e03f62e94a1bdb39ace0dc95339594e68e47e31dc16fe529f8ba7bb03'
|
|
4
|
+
data.tar.gz: 96d3b4546062000216f38ea2d09eabb386aebcc562caf7d4f325c67fc35d548b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 52bd12e37b92ab8805b3014db5715d7a247e77a068a086bfcfef9feda41caaf111bafa706e4ba9cbd7b8d1e4644ba955f0bd66a5649cad34794d4e00bd65cc47
|
|
7
|
+
data.tar.gz: 53e10160042b149bae4b55b7cde5815c4736ac10665133b5fd01b75d4b19c44a9210fb099e972651728daf4ee2468e8ca9dbf4545fef7b34b447ff00afaf9174
|
|
@@ -8,7 +8,7 @@ module SymmetricEncryption
|
|
|
8
8
|
:environments, :cipher_name, :rolling_deploy, :rotate_keys, :rotate_kek, :prompt, :show_version,
|
|
9
9
|
:cleanup_keys, :activate_key, :migrate, :regions
|
|
10
10
|
|
|
11
|
-
KEYSTORES = %i[heroku environment file].freeze
|
|
11
|
+
KEYSTORES = %i[aws heroku environment file].freeze
|
|
12
12
|
|
|
13
13
|
def self.run!(argv)
|
|
14
14
|
new(argv).run!
|
|
@@ -19,7 +19,7 @@ module SymmetricEncryption
|
|
|
19
19
|
@environment = ENV['SYMMETRIC_ENCRYPTION_ENV'] || ENV['RACK_ENV'] || ENV['RAILS_ENV'] || 'development'
|
|
20
20
|
@config_file_path = File.expand_path(ENV['SYMMETRIC_ENCRYPTION_CONFIG'] || 'config/symmetric-encryption.yml')
|
|
21
21
|
@app_name = 'symmetric-encryption'
|
|
22
|
-
@key_path = '
|
|
22
|
+
@key_path = "#{ENV['HOME']}/.symmetric-encryption"
|
|
23
23
|
@cipher_name = 'aes-256-cbc'
|
|
24
24
|
@rolling_deploy = false
|
|
25
25
|
@prompt = false
|
|
@@ -292,7 +292,7 @@ module SymmetricEncryption
|
|
|
292
292
|
require 'highline'
|
|
293
293
|
rescue LoadError
|
|
294
294
|
puts("\nPlease install gem highline before using the command line task to decrypt an entered string.\n gem install \"highline\"\n\n")
|
|
295
|
-
exit
|
|
295
|
+
exit(-2)
|
|
296
296
|
end
|
|
297
297
|
|
|
298
298
|
encrypted = HighLine.new.ask('Enter the value to decrypt:')
|
|
@@ -307,7 +307,7 @@ module SymmetricEncryption
|
|
|
307
307
|
require 'highline'
|
|
308
308
|
rescue LoadError
|
|
309
309
|
puts("\nPlease install gem highline before using the command line task to encrypt an entered string.\n gem install \"highline\"\n\n")
|
|
310
|
-
exit
|
|
310
|
+
exit(-2)
|
|
311
311
|
end
|
|
312
312
|
value1 = nil
|
|
313
313
|
value2 = 0
|
|
@@ -36,6 +36,8 @@ module SymmetricEncryption
|
|
|
36
36
|
# Write the entire configuration for all environments to the supplied file name.
|
|
37
37
|
def self.write_file(file_name, config)
|
|
38
38
|
config = deep_stringify_keys(config)
|
|
39
|
+
|
|
40
|
+
FileUtils.mkdir_p(file_name)
|
|
39
41
|
File.open(file_name, 'w') do |f|
|
|
40
42
|
f.puts '# This file was auto generated by symmetric-encryption.'
|
|
41
43
|
f.puts '# Recommend using symmetric-encryption to make changes.'
|
|
@@ -45,8 +45,11 @@ module SymmetricEncryption
|
|
|
45
45
|
|
|
46
46
|
# Returns the Encryption key in the clear.
|
|
47
47
|
def read
|
|
48
|
-
|
|
49
|
-
|
|
48
|
+
raise(SymmetricEncryption::ConfigError,
|
|
49
|
+
"Symmetric Encryption key file: '#{file_name}' not found") unless ::File.exists?(file_name)
|
|
50
|
+
raise(SymmetricEncryption::ConfigError,
|
|
51
|
+
"Symmetric Encryption key file '#{file_name}' has the wrong "\
|
|
52
|
+
"permissions: #{::File.stat(file_name).mode.to_s(8)}. Expected 100600.") unless correct_permissions?
|
|
50
53
|
|
|
51
54
|
data = read_from_file
|
|
52
55
|
key_encrypting_key ? key_encrypting_key.decrypt(data) : data
|
|
@@ -72,7 +75,16 @@ module SymmetricEncryption
|
|
|
72
75
|
key_path = ::File.dirname(file_name)
|
|
73
76
|
::FileUtils.mkdir_p(key_path) unless ::File.directory?(key_path)
|
|
74
77
|
::File.rename(file_name, "#{file_name}.#{Time.now.to_i}") if ::File.exist?(file_name)
|
|
75
|
-
::File.open(file_name, 'wb') { |file| file.write(data) }
|
|
78
|
+
::File.open(file_name, 'wb', 0600) { |file| file.write(data) }
|
|
79
|
+
end
|
|
80
|
+
|
|
81
|
+
# Returns true if the file is owned by the user running this code and it
|
|
82
|
+
# has the correct mode - readable and writable by its owner and no one
|
|
83
|
+
# else, much like the keys one has in ~/.ssh
|
|
84
|
+
def correct_permissions?
|
|
85
|
+
stat = ::File.stat(file_name)
|
|
86
|
+
|
|
87
|
+
stat.owned? && stat.mode.to_s(8) == '100600'
|
|
76
88
|
end
|
|
77
89
|
end
|
|
78
90
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: symmetric-encryption
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 4.1.
|
|
4
|
+
version: 4.1.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Reid Morrison
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2019-02-03 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: coercible
|
|
@@ -84,8 +84,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
84
84
|
- !ruby/object:Gem::Version
|
|
85
85
|
version: '0'
|
|
86
86
|
requirements: []
|
|
87
|
-
|
|
88
|
-
rubygems_version: 2.7.7
|
|
87
|
+
rubygems_version: 3.0.2
|
|
89
88
|
signing_key:
|
|
90
89
|
specification_version: 4
|
|
91
90
|
summary: Encrypt ActiveRecord and Mongoid attributes, files and passwords in configuration
|