Encryptor Encryptor

Author: marcqualie

.gitignore

@@ -6,3 +6,4 @@
 /pkg/
 /spec/reports/
 /tmp/
+Gemfile.lock

.rubocop.yml

@@ -0,0 +1,15 @@
+AllCops:
+  NewCops: enable
+
+Style/ClassAndModuleChildren:
+  Exclude:
+    - test/**/*_test.rb
+Style/Documentation:
+  Enabled: false
+Metrics/MethodLength:
+  Exclude:
+    - test/**/*_test.rb
+
+Layout/LineLength:
+  Exclude:
+    - test/**/*_test.rb

Gemfile

@@ -1,7 +1,10 @@
-source "https://rubygems.org"
+# frozen_string_literal: true
+
+source 'https://rubygems.org'
 
 # Specify your gem's dependencies in diffcrypt.gemspec
 gemspec
 
-gem "rake", "~> 12.0"
-gem "minitest", "~> 5.0"
+gem 'minitest', '~> 5.0'
+gem 'rake', '~> 13.0'
+gem 'rubocop', '~> 0.86'

README.md

@@ -1,8 +1,8 @@
 # Diffcrypt
 
-Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/diffcrypt`. To experiment with that code, run `bin/console` for an interactive prompt.
+Diffable encrypted files that you can safely commit into your repo.
+
 
-TODO: Delete this and the text above, and describe your gem
 
 ## Installation
 
@@ -20,21 +20,44 @@ Or install it yourself as:
 
     $ gem install diffcrypt
 
+
+
 ## Usage
 
-TODO: Write usage instructions here
+
+### Encrypt existing file
+
+```ruby
+encryptor = Diffcrypt::Encryptor.new('99e1f86b9e61f24c56ff4108dd415091')
+yaml = File.read('tmp/example.yml')
+encrypted = encryptor.encrypt(yaml)
+File.write('tmp/example.yml.enc', encrypted)
+```
+
+### Decrypt a file
+
+```ruby
+encryptor = Diffcrypt::Encryptor.new('99e1f86b9e61f24c56ff4108dd415091')
+yaml = File.read('tmp/example.yml.enc')
+config = YAML.safe_load(encryptor.decrypt(yaml))
+```
+
+
 
 ## Development
 
 After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake test` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
 
 To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
 
+
+
 ## Contributing
 
 Bug reports and pull requests are welcome on GitHub at https://github.com/marcqualie/diffcrypt.
 
 
+
 ## License
 
 The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

Rakefile

@@ -1,10 +1,12 @@
-require "bundler/gem_tasks"
-require "rake/testtask"
+# frozen_string_literal: true
+
+require 'bundler/gem_tasks'
+require 'rake/testtask'
 
 Rake::TestTask.new(:test) do |t|
-  t.libs << "test"
-  t.libs << "lib"
-  t.test_files = FileList["test/**/*_test.rb"]
+  t.libs << 'test'
+  t.libs << 'lib'
+  t.test_files = FileList['test/**/*_test.rb']
 end
 
-task :default => :test
+task default: :test

bin/console

@@ -1,7 +1,8 @@
 #!/usr/bin/env ruby
+# frozen_string_literal: true
 
-require "bundler/setup"
-require "diffcrypt"
+require 'bundler/setup'
+require 'diffcrypt'
 
 # You can add fixtures and/or initialization code here to make experimenting
 # with your gem easier. You can also use a different console, if you like.
@@ -10,5 +11,5 @@ require "diffcrypt"
 # require "pry"
 # Pry.start
 
-require "irb"
+require 'irb'
 IRB.start(__FILE__)

diffcrypt.gemspec

@@ -1,29 +1,33 @@
+# frozen_string_literal: true
+
 require_relative 'lib/diffcrypt/version'
 
 Gem::Specification.new do |spec|
-  spec.name          = "diffcrypt"
+  spec.name          = 'diffcrypt'
   spec.version       = Diffcrypt::VERSION
-  spec.authors       = ["Marc Qualie"]
-  spec.email         = ["marc@marcqualie.com"]
+  spec.authors       = ['Marc Qualie']
+  spec.email         = ['marc@marcqualie.com']
 
-  spec.summary       = %q{TODO: Write a short summary, because RubyGems requires one.}
-  spec.description   = %q{TODO: Write a longer description or delete this line.}
-  spec.homepage      = "TODO: Put your gem's website or public repo URL here."
-  spec.license       = "MIT"
-  spec.required_ruby_version = Gem::Requirement.new(">= 2.3.0")
+  spec.summary       = 'Diffable encrypted files'
+  spec.description   = 'Diffable encrypted files'
+  spec.homepage      = 'https://github.com/marcqualie/diffcrypt'
+  spec.license       = 'MIT'
+  spec.required_ruby_version = Gem::Requirement.new('>= 2.3.0')
 
-  spec.metadata["allowed_push_host"] = "TODO: Set to 'http://mygemserver.com'"
+  # spec.metadata["allowed_push_host"] = "TODO: Set to 'http://mygemserver.com'"
 
-  spec.metadata["homepage_uri"] = spec.homepage
-  spec.metadata["source_code_uri"] = "TODO: Put your gem's public repo URL here."
-  spec.metadata["changelog_uri"] = "TODO: Put your gem's CHANGELOG.md URL here."
+  spec.metadata['homepage_uri'] = spec.homepage
+  spec.metadata['source_code_uri'] = 'https://github.com/marcqualie/diffcrypt'
+  # spec.metadata['changelog_uri'] = "TODO: Put your gem's CHANGELOG.md URL here."
 
   # Specify which files should be added to the gem when it is released.
   # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
-  spec.files         = Dir.chdir(File.expand_path('..', __FILE__)) do
+  spec.files = Dir.chdir(File.expand_path(__dir__)) do
     `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
   end
-  spec.bindir        = "exe"
-  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
-  spec.require_paths = ["lib"]
+  spec.bindir = 'exe'
+  spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ['lib']
+
+  spec.add_runtime_dependency 'activesupport', '~> 6.0.0'
 end

lib/diffcrypt.rb

@@ -1,6 +1,8 @@
-require "diffcrypt/version"
+# frozen_string_literal: true
+
+require 'diffcrypt/encryptor'
+require 'diffcrypt/version'
 
 module Diffcrypt
   class Error < StandardError; end
-  # Your code goes here...
 end

lib/diffcrypt/encryptor.rb

@@ -0,0 +1,75 @@
+# frozen_string_literal: true
+
+require 'pathname'
+require 'tmpdir'
+require 'securerandom'
+require 'yaml'
+
+require 'active_support/message_encryptor'
+
+module Diffcrypt
+  class Encryptor
+    CIPHER = 'aes-128-gcm'
+
+    def self.generate_key
+      SecureRandom.hex(ActiveSupport::MessageEncryptor.key_len(CIPHER))
+    end
+
+    def initialize(key)
+      @key = key
+      @encryptor ||= ActiveSupport::MessageEncryptor.new([key].pack('H*'), cipher: CIPHER)
+    end
+
+    # @param [String] contents The raw YAML string to be encrypted
+    def decrypt(contents)
+      yaml = YAML.safe_load contents
+      decrypted = decrypt_hash yaml
+      YAML.dump decrypted
+    end
+
+    # @param [Hash] data
+    # @return [Hash]
+    def decrypt_hash(data)
+      data.each do |key, value|
+        data[key] = if value.is_a?(Hash) || value.is_a?(Array)
+                      decrypt_hash(value)
+                    else
+                      decrypt_string value
+                    end
+      end
+      data
+    end
+
+    # @param [String] contents The raw YAML string to be encrypted
+    def encrypt(contents)
+      yaml = YAML.safe_load contents
+      encrypted = encrypt_values yaml
+      YAML.dump encrypted
+    end
+
+    # @param [String] value Plain text string that needs encrypting
+    # @return [String]
+    def encrypt_string(value)
+      @encryptor.encrypt_and_sign value
+    end
+
+    # @param [Hash] keys
+    # @return [Hash]
+    def encrypt_values(data)
+      data.each do |key, value|
+        data[key] = if value.is_a?(Hash) || value.is_a?(Array)
+                      encrypt_values(value)
+                    else
+                      encrypt_string value
+                    end
+      end
+      data
+    end
+
+    # @param [String] value The encrypted value that needs decrypting
+    # @return [String]
+    def decrypt_string(value)
+      @encryptor.decrypt_and_verify value
+    end
+  end
+end

lib/diffcrypt/version.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Diffcrypt
-  VERSION = "0.1.0"
+  VERSION = '0.1.0'
 end