lib/backup/encryptor/open_ssl.rb in backup-3.0.20 vs lib/backup/encryptor/open_ssl.rb in backup-3.0.21

@@ -13,69 +13,59 @@
       # The password file to use to encrypt the backup.
       attr_accessor :password_file
 
       ##
       # Determines whether the 'base64' should be used or not
-      attr_writer :base64
+      attr_accessor :base64
 
       ##
       # Determines whether the 'salt' flag should be used
-      attr_writer :salt
+      attr_accessor :salt
 
       ##
       # Creates a new instance of Backup::Encryptor::OpenSSL and
       # sets the password attribute to what was provided
       def initialize(&block)
-        load_defaults!
+        super
 
         @base64        ||= false
-        @salt          ||= false
+        @salt          ||= true
         @password_file ||= nil
 
         instance_eval(&block) if block_given?
       end
 
       ##
-      # Performs the encryption of the backup file
-      def perform!
+      # This is called as part of the procedure run by the Packager.
+      # It sets up the needed options to pass to the openssl command,
+      # then yields the command to use as part of the packaging procedure.
+      # Once the packaging procedure is complete, it will return
+      # so that any clean-up may be performed after the yield.
+      def encrypt_with
         log!
-        run("#{ utility(:openssl) } #{ options } -in '#{ Backup::Model.file }' -out '#{ Backup::Model.file }.enc'")
-        rm(Backup::Model.file)
-        Backup::Model.extension += '.enc'
+        yield "#{ utility(:openssl) } #{ options }", '.enc'
       end
 
-    private
+      private
 
       ##
-      # Backup::Encryptor::OpenSSL uses the 256bit AES encryption cipher.
-      # 256bit AES is what the US Government uses to encrypt information at the "Top Secret" level.
-      def options
-        (['aes-256-cbc'] + base64 + salt + pass).join("\s")
-      end
-
-      ##
-      # Returns '-base64' if @base64 is set to 'true'.
-      # This option will make the encrypted output base64 encoded,
+      # Uses the 256bit AES encryption cipher, which is what the
+      # US Government uses to encrypt information at the "Top Secret" level.
+      #
+      # The -base64 option will make the encrypted output base64 encoded,
       # this makes the encrypted file readable using text editors
-      def base64
-        return ['-base64'] if @base64; []
-      end
-
-      ##
-      # Returns '-salt' if @salt is set to 'true'.
-      # This options adds strength to the encryption
-      def salt
-        return ['-salt'] if @salt; []
-      end
-
-      ##
-      # Returns '-pass file:<password file>' when @password_file has been set.
-      def pass
-        if @password_file
-          ["-pass file:#{@password_file}"]
-        else
-          ["-k '#{@password}'"]
-        end
+      #
+      # The -salt option adds strength to the encryption
+      #
+      # Always sets a password option, if even no password is given,
+      # but will prefer the password_file option if both are given.
+      def options
+        opts = ['aes-256-cbc']
+        opts << '-base64' if @base64
+        opts << '-salt'   if @salt
+        opts << ( @password_file.to_s.empty? ?
+                "-k '#{@password}'" : "-pass file:#{@password_file}" )
+        opts.join(' ')
       end
 
     end
   end
 end