class Dapp::Kube::Secret

Attributes

key[R]

Public Class Methods

_binary_to_hex(key) click to toggle source
# File lib/dapp/kube/secret.rb, line 65
def _binary_to_hex(key)
  key.unpack('H*').first
end
_hex_to_binary(key) click to toggle source
# File lib/dapp/kube/secret.rb, line 61
def _hex_to_binary(key)
  [key].pack('H*')
end
_openssl_cipher() click to toggle source
# File lib/dapp/kube/secret.rb, line 57
def _openssl_cipher
  OpenSSL::Cipher::AES.new(128, :CBC)
end
_validate_key!(key) click to toggle source
# File lib/dapp/kube/secret.rb, line 69
def _validate_key!(key)
  # Требуется 128 битный ключ — это 16 байт.
  # Ключ закодирован в hex кодировке для пользователя.
  # 2 hex символа на 1 байт в hex кодировке.
  # Поэтому требуется длина ключа в hex кодировке в 32 символа.
  if key.bytesize < 32
    raise InvalidKeyError, code: :key_length_too_short, data: {required_size: 32}
  end
end
generate_key() click to toggle source
# File lib/dapp/kube/secret.rb, line 53
def generate_key
  _binary_to_hex _openssl_cipher.random_key
end
new(key) click to toggle source
# File lib/dapp/kube/secret.rb, line 6
def initialize(key)
  self.class._validate_key!(key)
  @key = key
end

Public Instance Methods

extract(hexdata) click to toggle source
# File lib/dapp/kube/secret.rb, line 23
def extract(hexdata)
  data = self.class._hex_to_binary hexdata.to_s

  iv_size = data.unpack('S').first
  data = data.byteslice(2..-1)
  raise ExtractionError, code: :bad_data, data: {data: hexdata} unless data

  iv = data.byteslice(0, iv_size)
  data = data.byteslice(iv_size..-1)
  raise ExtractionError, code: :bad_data, data: {data: hexdata} unless data

  decipher = self.class._openssl_cipher
  decipher.decrypt
  decipher.key = self.class._hex_to_binary(key)

  begin
    decipher.iv = iv
  rescue OpenSSL::Cipher::CipherError
    raise ExtractionError, code: :bad_data, data: {data: hexdata}
  end

  begin
    value = decipher.update(data) + decipher.final
  rescue OpenSSL::Cipher::CipherError
    raise ExtractionError, code: :bad_data, data: {data: hexdata}
  end
  value.force_encoding('utf-8')
end
generate(value) click to toggle source
# File lib/dapp/kube/secret.rb, line 11
def generate(value)
  cipher = self.class._openssl_cipher
  cipher.encrypt
  cipher.key = self.class._hex_to_binary key
  iv = cipher.random_iv

  iv_size_prefix = [iv.bytesize].pack('S')
  encrypted = cipher.update(value.to_s) + cipher.final

  self.class._binary_to_hex "#{iv_size_prefix}#{iv}#{encrypted}"
end