Class: Aspera::Keychain::EncryptedHash

Inherits:
Object
  • Object
show all
Defined in:
lib/aspera/keychain/encrypted_hash.rb

Overview

Manage secrets in a simple Hash

Instance Method Summary collapse

Constructor Details

#initialize(file:, password:) ⇒ EncryptedHash

Returns a new instance of EncryptedHash.



20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
 
# File 'lib/aspera/keychain/encrypted_hash.rb', line 20

def initialize(file:, password:)
  Aspera.assert_type(file, String){'path to vault file'}
  @path = file
  @all_secrets = {}
  @cipher_name = DEFAULT_CIPHER_NAME
  vault_encrypted_data = nil
  if File.exist?(@path)
    vault_file = File.read(@path)
    if vault_file.start_with?('---')
      vault_info = YAML.parse(vault_file).to_ruby
      Aspera.assert(vault_info.keys.sort == FILE_KEYS){'Invalid vault file'}
      @cipher_name = vault_info['cipher']
      vault_encrypted_data = vault_info['data']
    else
      # legacy vault file
      @cipher_name = LEGACY_CIPHER_NAME
      vault_encrypted_data = File.read(@path, mode: 'rb')
    end
  end
  # setting password also creates the cipher
  @cipher = cipher(password)
  if !vault_encrypted_data.nil?
    @all_secrets = YAML.load_stream(@cipher.decrypt(vault_encrypted_data)).first
  end
end

Instance Method Details

#change_password(password) ⇒ Object 



90
91
92
93
 
# File 'lib/aspera/keychain/encrypted_hash.rb', line 90

def change_password(password)
  @cipher = cipher(password)
  save
end

#delete(label:) ⇒ Object 



85
86
87
88
 
# File 'lib/aspera/keychain/encrypted_hash.rb', line 85

def delete(label:)
  @all_secrets.delete(label)
  save
end

#get(label:, exception: true) ⇒ Object 



78
79
80
81
82
83
 
# File 'lib/aspera/keychain/encrypted_hash.rb', line 78

def get(label:, exception: true)
  Aspera.assert(@all_secrets.key?(label)){"Label not found: #{label}"} if exception
  result = @all_secrets[label].clone
  result[:label] = label if result.is_a?(Hash)
  return result
end

#infoObject 



46
47
48
49
50
 
# File 'lib/aspera/keychain/encrypted_hash.rb', line 46

def info
  return {
    file: @path
  }
end

#listObject 



52
53
54
55
56
57
58
59
60
61
 
# File 'lib/aspera/keychain/encrypted_hash.rb', line 52

def list
  result = []
  @all_secrets.each do |label, values|
    normal = values.symbolize_keys
    normal[:label] = label
    CONTENT_KEYS.each{ |k| normal[k] = '' unless normal.key?(k)}
    result.push(normal)
  end
  return result
end

#set(options) ⇒ Object

set a secret

Parameters:

  • options (Hash)

    with keys :label, :username, :password, :url, :description



65
66
67
68
69
70
71
72
73
74
75
76
 
# File 'lib/aspera/keychain/encrypted_hash.rb', line 65

def set(options)
  Aspera.assert_type(options, Hash){'options'}
  unsupported = options.keys - CONTENT_KEYS
  Aspera.assert(unsupported.empty?){"unsupported options: #{unsupported}"}
  options.each_pair do |k, v|
    Aspera.assert_type(v, String){k.to_s}
  end
  label = options.delete(:label)
  raise "secret #{label} already exist, delete first" if @all_secrets.key?(label)
  @all_secrets[label] = options.symbolize_keys
  save
end