#!/usr/bin/ruby -w require "openssl" require "base64" #------------------------------------------------------------------------------------------------------- # Purpose: Encrypt secrets for ruby scripts, so we dont store Client Secret in plaintext. # Version History: # - VersionNumber : Date : Comment # - 0.1 : 19.09.2022 : initial creation - Jason Ross #------------------------------------------------------------------------------------------------------- args = Hash[ ARGV.flat_map{|s| s.scan(/--?([^=\s]+)(?:=(\S+))?/) } ] #Called with -xx=foo -h --jim=jam it returns {"xx"=>"foo", "h"=>nil, "jim"=>"jam"} if (args.key?('h') or args.key?('help')) puts "Usage: valEncrypter.rb -secret=\"\" " puts "" puts "Then paste these values into your config file" exit(0) else puts "" puts "Use -h to display help information" puts "" end cipher = OpenSSL::Cipher.new('aes-256-cbc') cipher.encrypt if args.key?('key') puts "Will use #{args['key']} as KEY" myKey = Base64.decode64(args['key']) cipher.key = Base64.decode64(args['key']) else myKey = cipher.random_key end if args.key?('iv') puts "Will use #{args['iv']} as IV" iv = Base64.decode64(args['iv']) cipher.iv = Base64.decode64(args['iv']) else iv = cipher.random_iv end if args.key?('secret') puts "Will encrypt value: #{args['secret']}" puts "" myString = args['secret'] else puts "use valEncrypter.rb -secret=\"\" to provide the text to encrypt" exit(0) end encrypted = cipher.update(myString) + cipher.final keyb64 = Base64.strict_encode64(myKey) ivb64 = Base64.strict_encode64(iv) encoded = Base64.strict_encode64(encrypted) puts "secretA #{keyb64}" puts "secretB #{ivb64}" puts "secretC #{encoded}" puts "==================" puts "paste the above values into your config file"