class Keepasshttp::KeyStore::SshAgent
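Uses your running ssh-agent session to encrypt the session key before it is stored. The AES key is derived from the agent's signature over a random IV, so decryption needs the same SSH identity to be the first one the agent lists.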
Public Class Methods
available?()
Calls superclass method
Keepasshttp::KeyStore::Plain::available?
# File lib/keepasshttp/key_store.rb, line 48
# Reports whether this key store can be used. The optional 'net/ssh'
# dependency is loaded first, then the decision is left to the superclass
# (Keepasshttp::KeyStore::Plain).
#
# @return whatever the superclass +available?+ returns
# @raise [LoadError] with an installation hint when 'net/ssh' cannot be loaded
def available?
  begin
    require 'net/ssh'
    super
  rescue LoadError
    # Re-raise with a message that names the missing gem.
    hint = "To use key_store: :SshAgent you have to install the 'net-ssh' gem"
    raise LoadError, hint
  end
end
load()
Calls superclass method
Keepasshttp::KeyStore::Plain::load
# File lib/keepasshttp/key_store.rb, line 64
# Loads the stored parameters through the superclass and replaces the
# encrypted :key entry with its decrypted value. The :iv entry is removed
# from the hash because it is only needed for decryption.
#
# @return the parameter hash from the superclass, with :key decrypted
def load
  super.tap do |stored|
    ciphertext = stored[:key]
    stored[:key] = decrypt(ciphertext, iv: stored.delete(:iv))
  end
end
save(params = {})
Calls superclass method
Keepasshttp::KeyStore::Plain::save
# File lib/keepasshttp/key_store.rb, line 57
# Encrypts the :key entry and hands the parameters to the superclass for
# storage. The IV produced during encryption is stored next to the
# ciphertext under :iv so that +load+ can decrypt it again.
#
# Note: +params+ is modified in place; after the call the caller's hash
# holds the ciphertext under :key instead of the plaintext.
#
# @param params [Hash] parameters to store; :key holds the plaintext key
# @return whatever the superclass +save+ returns
def save(params = {})
  ciphertext, iv = encrypt(params.delete(:key))
  params.store(:key, ciphertext)
  params.store(:iv, iv)
  super(params)
end
Private Class Methods
decrypt(string, iv:)
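# File lib/keepasshttp/key_store.rb, line 84
# Decrypts +string+ with AES-256-CBC. The AES key is re-derived by asking
# the ssh-agent to sign +iv+ with the identity chosen by +identity+ and
# taking the last 32 bytes of that signature.
#
# NOTE(review): this only works if the agent returns the same signature for
# the same IV as it did in +encrypt+. That presumably holds for RSA and
# Ed25519 identities but not for randomized schemes such as ECDSA - confirm.
# NOTE(review): CBC is used without a MAC, so a modified ciphertext is not
# detected beyond a possible padding error from +final+. An authenticated
# mode would change the stored format, so it is not changed here.
# NOTE(review): the key depends only on the stored IV and the agent, so any
# process that can reach the agent socket (for example through agent
# forwarding) and read the stored file can derive it.
#
# @param string [String] ciphertext produced by +encrypt+
# @param iv [String] the IV that was stored with the ciphertext
# @return [String] the decrypted data
def decrypt(string, iv:)
  agent = Net::SSH::Authentication::Agent.connect
  cipher = OpenSSL::Cipher.new('AES-256-CBC')
  cipher.decrypt
  cipher.iv = iv
  # Signature bytes are used directly as key material, without a KDF.
  cipher.key = agent.sign(identity(agent), iv)[-32..-1]
  cipher.update(string) + cipher.final
ensure
  # Release the agent socket; the original never closed the connection.
  agent.close if agent
end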
encrypt(string)
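# File lib/keepasshttp/key_store.rb, line 72
# Encrypts +string+ with AES-256-CBC under a fresh random IV. The AES key is
# derived by asking the ssh-agent to sign the IV with the identity chosen by
# +identity+ and taking the last 32 bytes of that signature.
#
# NOTE(review): +decrypt+ must obtain the same signature for the same IV.
# That presumably holds for RSA and Ed25519 identities but not for
# randomized schemes such as ECDSA - confirm before relying on other keys.
# NOTE(review): the ciphertext carries no MAC, so later tampering with the
# stored value is not detected by this scheme.
#
# @param string [String] plaintext to protect
# @return [Array(String, String)] the ciphertext and the IV it was made with
def encrypt(string)
  agent = Net::SSH::Authentication::Agent.connect
  cipher = OpenSSL::Cipher.new('AES-256-CBC')
  cipher.encrypt
  iv = cipher.random_iv
  # Signature bytes are used directly as key material, without a KDF.
  cipher.key = agent.sign(identity(agent), iv)[-32..-1]
  [cipher.update(string) + cipher.final, iv]
ensure
  # Release the agent socket; the original never closed the connection.
  agent.close if agent
end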
identity(agent)
TODO: make the key selectable (currently the first identity the agent lists is always used).
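# File lib/keepasshttp/key_store.rb, line 97
# Picks the identity used for deriving the encryption key: always the first
# one the agent lists. If the agent later lists a different identity first,
# +decrypt+ will derive a different key than +encrypt+ used.
#
# The list is requested once, so the emptiness check and the returned value
# come from the same answer. The original asked the agent twice and could
# return nil if the list became empty between the two calls.
#
# @param agent an object responding to +identities+ (the ssh-agent client)
# @return the first identity reported by the agent
# @raise [RuntimeError] when the agent holds no identities
def identity(agent)
  known = agent.identities
  raise 'No identity available. Run `ssh-add` and try again' if known.empty?

  known.first
end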