Can't encrypt Pathnames

Question

Can't encrypt Pathnames

madblobfish opened this issue 8 years ago · 4 comments

When encrypting a pathname it fails or loads the file contents. The later one can be unwanted.

Example:

require 'underlock'
require 'pathname' # you should require this in your library
key = OpenSSL::PKey::RSA.new 200
Underlock::Base.configure do |config|
  config.public_key  = key.to_pem
  config.private_key = key.public_key.to_pem
  config.cipher      = OpenSSL::Cipher.new('aes-256-gcm')
end
Underlock::Base.encrypt('.')
# fails with:  Errno::EISDIR: Is a directory @ io_fread

Answer 1 · 2017-02-02T15:54:55.000Z

@madblobfish thanks for reporting this issue, It was never intended for this library to encrypt complete directories, when passed a string to encrypt, we check if it could be a valid path and if it is we try to encrypt the file at the location. Looks like we are not handling the scenario if the path points to a directory.

I'll push a fix for this today.

Answer 2 · 2017-02-02T16:43:44.000Z

When encrypting a string which is the Pathname of a existing file it will load the contents and not encrypt the sting this behavior can be unwanted.
I'd propose to make the Pathname check opt-in with a option or something.

Answer 3 · 2017-02-02T16:46:21.000Z

@madblobfish makes sense, and I agree with the proposition. I think I'd like to make the argument type be the judge of what happens. If a user wants to encrypt a file, they explicitly pass a Pathname or File object, if it's just a String, we encrypt just the string.

Answer 4 · 2017-02-03T01:14:29.000Z

@madblobfish closing this issue, because this is fixed in v0.0.4: https://github.com/metaware/underlock/releases/tag/v0.0.4