symmetric-encryption 4.1.2 → 4.1.3
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: '0081579e03f62e94a1bdb39ace0dc95339594e68e47e31dc16fe529f8ba7bb03'
|
|
4
|
+
data.tar.gz: 96d3b4546062000216f38ea2d09eabb386aebcc562caf7d4f325c67fc35d548b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 52bd12e37b92ab8805b3014db5715d7a247e77a068a086bfcfef9feda41caaf111bafa706e4ba9cbd7b8d1e4644ba955f0bd66a5649cad34794d4e00bd65cc47
|
|
7
|
+
data.tar.gz: 53e10160042b149bae4b55b7cde5815c4736ac10665133b5fd01b75d4b19c44a9210fb099e972651728daf4ee2468e8ca9dbf4545fef7b34b447ff00afaf9174
|
|
@@ -8,7 +8,7 @@ module SymmetricEncryption
|
|
|
8
8
|
:environments, :cipher_name, :rolling_deploy, :rotate_keys, :rotate_kek, :prompt, :show_version,
|
|
9
9
|
:cleanup_keys, :activate_key, :migrate, :regions
|
|
10
10
|
|
|
11
|
-
KEYSTORES = %i[heroku environment file].freeze
|
|
11
|
+
KEYSTORES = %i[aws heroku environment file].freeze
|
|
12
12
|
|
|
13
13
|
def self.run!(argv)
|
|
14
14
|
new(argv).run!
|
|
@@ -19,7 +19,7 @@ module SymmetricEncryption
|
|
|
19
19
|
@environment = ENV['SYMMETRIC_ENCRYPTION_ENV'] || ENV['RACK_ENV'] || ENV['RAILS_ENV'] || 'development'
|
|
20
20
|
@config_file_path = File.expand_path(ENV['SYMMETRIC_ENCRYPTION_CONFIG'] || 'config/symmetric-encryption.yml')
|
|
21
21
|
@app_name = 'symmetric-encryption'
|
|
22
|
-
@key_path = '
|
|
22
|
+
@key_path = "#{ENV['HOME']}/.symmetric-encryption"
|
|
23
23
|
@cipher_name = 'aes-256-cbc'
|
|
24
24
|
@rolling_deploy = false
|
|
25
25
|
@prompt = false
|
|
@@ -292,7 +292,7 @@ module SymmetricEncryption
|
|
|
292
292
|
require 'highline'
|
|
293
293
|
rescue LoadError
|
|
294
294
|
puts("\nPlease install gem highline before using the command line task to decrypt an entered string.\n gem install \"highline\"\n\n")
|
|
295
|
-
exit
|
|
295
|
+
exit(-2)
|
|
296
296
|
end
|
|
297
297
|
|
|
298
298
|
encrypted = HighLine.new.ask('Enter the value to decrypt:')
|
|
@@ -307,7 +307,7 @@ module SymmetricEncryption
|
|
|
307
307
|
require 'highline'
|
|
308
308
|
rescue LoadError
|
|
309
309
|
puts("\nPlease install gem highline before using the command line task to encrypt an entered string.\n gem install \"highline\"\n\n")
|
|
310
|
-
exit
|
|
310
|
+
exit(-2)
|
|
311
311
|
end
|
|
312
312
|
value1 = nil
|
|
313
313
|
value2 = 0
|
|
@@ -36,6 +36,8 @@ module SymmetricEncryption
|
|
|
36
36
|
# Write the entire configuration for all environments to the supplied file name.
|
|
37
37
|
def self.write_file(file_name, config)
|
|
38
38
|
config = deep_stringify_keys(config)
|
|
39
|
+
|
|
40
|
+
FileUtils.mkdir_p(file_name)
|
|
39
41
|
File.open(file_name, 'w') do |f|
|
|
40
42
|
f.puts '# This file was auto generated by symmetric-encryption.'
|
|
41
43
|
f.puts '# Recommend using symmetric-encryption to make changes.'
|
|
@@ -45,8 +45,11 @@ module SymmetricEncryption
|
|
|
45
45
|
|
|
46
46
|
# Returns the Encryption key in the clear.
|
|
47
47
|
def read
|
|
48
|
-
|
|
49
|
-
|
|
48
|
+
raise(SymmetricEncryption::ConfigError,
|
|
49
|
+
"Symmetric Encryption key file: '#{file_name}' not found") unless ::File.exists?(file_name)
|
|
50
|
+
raise(SymmetricEncryption::ConfigError,
|
|
51
|
+
"Symmetric Encryption key file '#{file_name}' has the wrong "\
|
|
52
|
+
"permissions: #{::File.stat(file_name).mode.to_s(8)}. Expected 100600.") unless correct_permissions?
|
|
50
53
|
|
|
51
54
|
data = read_from_file
|
|
52
55
|
key_encrypting_key ? key_encrypting_key.decrypt(data) : data
|
|
@@ -72,7 +75,16 @@ module SymmetricEncryption
|
|
|
72
75
|
key_path = ::File.dirname(file_name)
|
|
73
76
|
::FileUtils.mkdir_p(key_path) unless ::File.directory?(key_path)
|
|
74
77
|
::File.rename(file_name, "#{file_name}.#{Time.now.to_i}") if ::File.exist?(file_name)
|
|
75
|
-
::File.open(file_name, 'wb') { |file| file.write(data) }
|
|
78
|
+
::File.open(file_name, 'wb', 0600) { |file| file.write(data) }
|
|
79
|
+
end
|
|
80
|
+
|
|
81
|
+
# Returns true if the file is owned by the user running this code and it
|
|
82
|
+
# has the correct mode - readable and writable by its owner and no one
|
|
83
|
+
# else, much like the keys one has in ~/.ssh
|
|
84
|
+
def correct_permissions?
|
|
85
|
+
stat = ::File.stat(file_name)
|
|
86
|
+
|
|
87
|
+
stat.owned? && stat.mode.to_s(8) == '100600'
|
|
76
88
|
end
|
|
77
89
|
end
|
|
78
90
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: symmetric-encryption
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 4.1.
|
|
4
|
+
version: 4.1.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Reid Morrison
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2019-02-03 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: coercible
|
|
@@ -84,8 +84,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
84
84
|
- !ruby/object:Gem::Version
|
|
85
85
|
version: '0'
|
|
86
86
|
requirements: []
|
|
87
|
-
|
|
88
|
-
rubygems_version: 2.7.7
|
|
87
|
+
rubygems_version: 3.0.2
|
|
89
88
|
signing_key:
|
|
90
89
|
specification_version: 4
|
|
91
90
|
summary: Encrypt ActiveRecord and Mongoid attributes, files and passwords in configuration
|