Class: Itamae::Secrets::AesKey

Inherits:

Object

• Object
• Itamae::Secrets::AesKey

Defined in:

lib/itamae/secrets/aes_key.rb

Constant Summary

AES1_KEY_LEN =

OpenSSL::Cipher.new('aes-256-gcm').key_len

Instance Attribute Summary

• #key ⇒ Object readonly

  Returns the value of attribute key.

• #name ⇒ Object readonly

  Returns the value of attribute name.

• #type ⇒ Object readonly

  Returns the value of attribute type.

Class Method Summary

• .generate_pkcs5(name, passphrase) ⇒ Object
• .generate_random(name) ⇒ Object
• .key_len_for_type(type) ⇒ Object
• .load_json(json) ⇒ Object

Instance Method Summary

• #algorithm_compatible?(algorithm) ⇒ Boolean
• #initialize(name, type, key) ⇒ AesKey constructor

  A new instance of AesKey.

• #to_json ⇒ Object
• #to_s ⇒ Object

Constructor Details

#initialize(name, type, key) ⇒ AesKey

Returns a new instance of AesKey.

Raises:

• (ArgumentError)

# File 'lib/itamae/secrets/aes_key.rb', line 37

def initialize(name, type, key)
  raise ArgumentError, "name must not contain slashes, commas, backslackes" if name.include?("\\") || name.include?(?/) || name.include?(?:)
  @name = name
  @type = type
  @key = key
end

Instance Attribute Details

#key ⇒ Object (readonly)

Returns the value of attribute key.

# File 'lib/itamae/secrets/aes_key.rb', line 44

def key
  @key
end

#name ⇒ Object (readonly)

Returns the value of attribute name.

# File 'lib/itamae/secrets/aes_key.rb', line 44

def name
  @name
end

#type ⇒ Object (readonly)

Returns the value of attribute type.

# File 'lib/itamae/secrets/aes_key.rb', line 44

def type
  @type
end

Class Method Details

.generate_pkcs5(name, passphrase) ⇒ Object

# File 'lib/itamae/secrets/aes_key.rb', line 23

def self.generate_pkcs5(name, passphrase)
  key_len = key_len_for_type('aes1')

  salt = OpenSSL::Digest::SHA256.digest(name)
  key = OpenSSL::PKCS5.pbkdf2_hmac(passphrase, salt, 30000, key_len, OpenSSL::Digest::SHA256.new)

  new name, 'aes1', key
end

.generate_random(name) ⇒ Object

# File 'lib/itamae/secrets/aes_key.rb', line 18

def self.generate_random(name)
  key_len = key_len_for_type('aes1')
  new name, 'aes1', OpenSSL::Random.random_bytes(key_len)
end

.key_len_for_type(type) ⇒ Object

# File 'lib/itamae/secrets/aes_key.rb', line 9

def self.key_len_for_type(type)
  case type
  when 'aes1'
    AES1_KEY_LEN
  else
    raise ArgumentError, "unknown type #{type.inspect}"
  end
end

.load_json(json) ⇒ Object

# File 'lib/itamae/secrets/aes_key.rb', line 32

def self.load_json(json)
  data = JSON.parse(json)
  new(data['name'], data['type'], data['key'].unpack('m*')[0])
end

Instance Method Details

#algorithm_compatible?(algorithm) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/itamae/secrets/aes_key.rb', line 46

def algorithm_compatible?(algorithm)
  algorithm == 'aes-256-gcm'
end

#to_json ⇒ Object

# File 'lib/itamae/secrets/aes_key.rb', line 54

def to_json
  {
    name: name,
    type: type,
    key: [key].pack('m*'),
  }.to_json
end

#to_s ⇒ Object

# File 'lib/itamae/secrets/aes_key.rb', line 50

def to_s
  key
end