class Backup::Encryptor::OpenSSL

Attributes

base64[RW]

Determines whether the 'base64' should be used or not

password[RW]

The password that'll be used to encrypt the backup. This password will be required to decrypt the backup later on.

password_file[RW]

The password file to use to encrypt the backup.

salt[RW]

Determines whether the 'salt' flag should be used

Public Class Methods

new(&block) click to toggle source

Creates a new instance of Backup::Encryptor::OpenSSL and sets the password attribute to what was provided

Calls superclass method Backup::Encryptor::Base::new
# File lib/backup/encryptor/open_ssl.rb, line 27
def initialize(&block)
  super

  @base64        ||= false
  @salt          ||= true
  @password_file ||= nil

  instance_eval(&block) if block_given?
end

Public Instance Methods

encrypt_with() { |"#{ utility(:openssl) } #{ options }", '.enc'| ... } click to toggle source

This is called as part of the procedure run by the Packager. It sets up the needed options to pass to the openssl command, then yields the command to use as part of the packaging procedure. Once the packaging procedure is complete, it will return so that any clean-up may be performed after the yield.

# File lib/backup/encryptor/open_ssl.rb, line 43
def encrypt_with
  log!
  yield "#{ utility(:openssl) } #{ options }", '.enc'
end

Private Instance Methods

options() click to toggle source

Uses the 256bit AES encryption cipher, which is what the US Government uses to encrypt information at the “Top Secret” level.

The -base64 option will make the encrypted output base64 encoded, this makes the encrypted file readable using text editors

The -salt option adds strength to the encryption

Always sets a password option, if even no password is given, but will prefer the password_file option if both are given.

# File lib/backup/encryptor/open_ssl.rb, line 61
def options
  opts = ['aes-256-cbc']
  opts << '-base64' if @base64
  opts << '-salt'   if @salt

  if @password_file.to_s.empty?
    opts << "-k #{Shellwords.escape(@password)}"
  else
    opts << "-pass file:#{@password_file}"
  end

  opts.join(' ')
end