Develop Reference

How to set multiline RSA private key environment variable for AWS Elastic Beans

I am deploying a Ruby on Rails application to AWS using Elastic Beanstalk and have to set a private key as an environment variable
E.g
-----BEGIN RSA PRIVATE KEY-----
SpvpksXQIBA65ICOgQxV2TvMIICAiMeV9prhdJSKjjsk2
tYdz8lhn/ibROQW71utuHLAyHGMBxz3kIaaIq1kjdkkk
tYdz8lhn/ibROQW71utuHLAyHGMBxz3kIaaIq1kjdkkk
tYdz8lhn/ibROQW71utuHLAyHGMBxz3kIaaIq1kjdkkk
tYdz8lhn/ibROQW71utuHLAyHGMBxz3kIaaIq1kjdkkk
-----END RSA PRIVATE KEY-----
However this doesn't seem to work when deploying the app as it always fails with a
OpenSSL::PKey::RSAError: Neither PUB key nor PRIV key: nested asn1
error
I think it's because the RSA Key is malformed.
However unlike in Heroku, AWS EB does not accept multiline input (see below) so I have to use \n to create new lines.
I tried with few different styles but none of them seem to interpolate the \n properly and I always keep getting the same error.
I've tried with \n and the end of each line, then \\n and also tried tried double quotes \" to wrap the key but I still keep getting the same error.
How do I properly set a multiline environment variable in AWS Elastic Beanstalk ?

You can transform your private key in a base64, then you store that base64 as environment variable. When needed you decode this variable.
in unix:
$ base64 path/to/your/private_key_file
in your application:
def private_key
Base64.decode64(ENV['PRIVATE_KEY'])
end

You could set it in EB using \n and then convert the '\n' to newlines before you pass it to config.key - something like this (note the single and double quotes in the call to gsub):
single_line_key = ENV.fetch('CLOUDFRONT_KEY')
multi_line_key = single_line_key.gsub('\n', "\n")
config.key = multi_line_key

In I had the same problem with Golang and the elastic beanstalk,
I did this
went to AWS console and set the value like this:
-----BEGIN RSA PRIVATE KEY-----\nSpvpksXQIBA65ICOgQxV2TvMIICAiMeV9prhdJSKjjsk2\ntYdz8lhn/ibROQW71utuHLAyHGMBxz3kIaaIq1kjdkkk\ntYdz8lhn/ibROQW71utuHLAyHGMBxz3kIaaIq1kjdkkk\ntYdz8lhn/ibROQW71utuHLAyHGMBxz3kIaaIq1kjdkkk\ntYdz8lhn/ibROQW71utuHLAyHGMBxz3kIaaIq1kjdkkk\n-----END RSA PRIVATE KEY-----
inside my code
key := os.Getenv("PUSH_AUTH_KEY")
key = strings.Replace(key, `\n`, "\n", 5)

You need to 'export' your multiline string, e.g., your private or public key into the environment correctly.
Enclose in your shell export statement $'.....' where ...... is your multiline string, e.g., your private or public key.
Example:
export KEY = $'-----BEGIN RSA PRIVATE KEY-----\nSpvpksXQIBA65ICOgQxV2TvMIICAiMeV9prhdJSKjjsk2tYdz8lhn/ibROQW71utuHLAyHGMBxz3kIaaIq1kjdkkktYdz8lhn/ibROQW71utuHLAyHGMBxz3kIaaIq1kjdkkktYdz8lhn/ibROQW71utuHLAyHGMBxz3kIaaIq1kjdkkktYdz8lhn/ibROQW71utuHLAyHGMBxz3kIaaIq1kjdkk\n-----END RSA PRIVATE KEY-----'

Rails can't read certificate information from environment due to nested asn1 error

I've got some certificate files, namely a .key file which says:
-----BEGIN RSA PRIVATE KEY-----
IEpAIBAAKCAQEAwAwxt4edIh3UuK8r5
....blablabla..................
QSNoquaasdsaKDybrezemVqCxsQjg==
-----END RSA PRIVATE KEY-----
So it's a RSA Private Key.
I used to load them from files like so:
#private_key = OpenSSL::PKey::RSA.new(File.read(private_key_file))
But since I am using Heroku, I intend to have my certificates saved as their values in environment variables.
So I've pasted them in my .env file
COMPANY_KEY="-----BEGIN RSA PRIVATE KEY-----\nMIIEpAIBAAKC.....\n-----END RSA PRIVATE KEY-----"
Yeah, I switched the \n for explicits \\n based on Multi-line config variables in Heroku. So now my code looks like this:
#private_key = OpenSSL::PKey::RSA.new(ENV['COMPANY_KEY'])
And if I run it from the console I get the object built. But if I try to run it from the web server (Puma 3.4.0 over Rails 4.2.6, Ruby 2.2.3) it fails miserably saying: Neither PUB key nor PRIV key:: nested asn1 error when trying to run that same line.
If I use the debug console I get that the read file looks like
"Line 1\\nLine3\\nLinea3" and so on...
I'm pretty sure that it has something to do with the file format, but I'm all out of ideas and maybe you could help if you had a problem like mine.

I finally found a way to do it... mixing it all up!
So the file, for example company.key looks like
-----BEGIN PRIVATE RSA KEY ----
Mumbojumbomummbojumbo
-----END RSA PRIVATE KEY----
So I switched it to a one liner, making explicit \n in the string (so its a real \n)
COMPANY_KEY=""-----BEGIN RSA PRIVATE KEY-----\nMIIEpAIBAAKCAQEA+ztKEj\n-----END RSA PRIVATE KEY-----\n"
Don't forget the last \n in the file.
Now, the last part, in the place where I used to do
#private_key = OpenSSL::PKey::RSA.new(File.read(private_key_file))
Now I do
#private_key = OpenSSL::PKey::RSA.new(ENV['COMPANY_KEY'].gsub("\\n", "\n"))
And now works like a charm! No public certificates, every piece of info in environment variables.

Save yourself some trouble and store only the certificate or key body in the environment variable. No need to put in newline characters.
SECRET = <<-SECRET
-----BEGIN PRIVATE KEY-----
#{ENV['SECRET_KEY']}
-----END PRIVATE KEY-----
SECRET
CERTIFICATE = <<-CERT
-----BEGIN CERTIFICATE-----
#{ENV['CERT']}
-----END CERTIFICATE-----
CERT

I switched the \n for explicits \\n based on Multi-line config variables in Heroku.
...
If I use the debug console I get that the read file looks like "Line 1\\nLine3\\nLinea3" ...
You problem should be here. The post you are linking is not suggesting to double escape your new lines, it is suggesting to wrap your multi-line text into "double quotes". In bash, it would allow to enter multi-line text at the terminal. The post also suggests to do it an in much easier way:
heroku config:add MASISA_KEY ="$(cat your_private_key.pem)"

What does # in front of a Dart string mean

I found some Dart code with # in front of a string:
_specialCharactersInsideCharacterClass = new HashSet.from([#"^", #"-", #"]"]);
Found in: RegExpBuilder.dart
What is the meaning of the symbol # in this case?

Right now, a prefix # character in front of a string is not valid Dart code. But I can imaging that it is was used to disable escaping and string interpolation in the past. The linked Dart file is from 2013, so maybe it was created before the prefix r was introduced to mark raw strings:
_specialCharactersInsideCharacterClass = new HashSet.from([r"^", r"-", r"]"]);
In raw strings, string interpolation (using the $ character) and escaping (for example \r) are disabled.

Proper way to insert a .pem cert into OpenSSL / a rails model?

I have a .pem cert that I'm reasonably sure I generated correctly, and it is not being accepted by OpenSSL when I paste it into a Rails 3.0.2 model. What I do is this:
open up the .pem file in Textmate
select all and copy
user.cert = <paste into model>; user.save
OpenSSL::PKey::RSA.new(user.cert)
This gives me the error:
Neither PUB key nor PRIV key::
To test, I just loaded in the file instead, no errors:
OpenSSL::PKey::RSA.new(File.read("/path/to/cert.pem"))
I thought maybe it would be some encoding error or newline issue, I had tried gsub'ing out the newlines to no avail.

It was a weird copy and paste artifact indeed. I File.read'd it into the model instead of copy paste and it worked fine...

Perhaps late, but this is the answer:
You can put a public key inline in Ruby with copy/paste, but keep in mind that what looks like formatting to you is white space in the line - you need to make sure that the resulting pem string has no spaces. I just copied and pasted from a PEM file into Ruby code, and it did not work until I removed the extra spaces that text mate or whatever added to the lines.
Hard to show here:
SQS_PUBLIC_KEY = "-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3VeTxEgLQLL11UN2G6c
oQsc0LbpoEs4VTmu0S4XU82N4h/25XX5k4t5oTJ0JGGSBP4/gzTwz15vS5mrlnsG
MISSINGLINES
rMV5ZCXToG0VCNPEHpZQnUHMCg/nF9jnk9i1ZZHv2dpYYG7GHMUPG3rtcTWJvZxI
3wIDAQAB
-----END PUBLIC KEY-----".force_encoding("us-ascii")
SQS_PUBLIC_KEY = "-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3VeTxEgLQLL11UN2G6c
oQsc0LbpoEs4VTmu0S4XU82N4h/25XX5k4t5oTJ0JGGSBP4/gzTwz15vS5mrlnsG
MISSINGLINES
rMV5ZCXToG0VCNPEHpZQnUHMCg/nF9jnk9i1ZZHv2dpYYG7GHMUPG3rtcTWJvZxI
3wIDAQAB
-----END PUBLIC KEY-----".force_encoding("us-ascii")
ie - NOT the second one - ruby adds spaces to the start of each line, and the RSA tools do not ignore spaces - they only seem to ignore line feeds.
I use the copy/pasted key as a fallback - in other words if an ENV is set I use that, otherwise use the pasted in public key.
--Tom

Iconv.conv in Rails application to convert from unicode to ASCII//translit

We wanted to convert a unicode string in Slovak language into plain ASCII (without accents/carons) That is to do: č->c š->s á->a é->e etc.
We tried:
cstr = Iconv.conv('us-ascii//translit', 'utf-8', a_unicode_string)
It was working on one system (Mac) and was not working on the other (Ubuntu) where it was giving '?' for accented characters after conversion.
Problem: iconv was using LANG/LC_ALL variables. I do not know why, when the encodings are known, but well... You had to set the locale variables to something.utf8, for example: sk_SK.utf8 or en_GB.utf8
Next step was to try to set ENV['LANG'] and ENV['LC_ALL'] in config/application.rb. This was ignored by Iconv in ruby.
Another try was to use global system setting in /etc/default/locale - this worked in command line, but not for Rails application. Reason: apache has its own environment. Therefore the final solution was to add LANG/LC_ALL variables into /etc/apache2/envvars:
export LC_ALL="en_GB.utf8"
export LANG="en_GB.utf8"
export LANGUAGE="en_GB.utf8"
Restarted apache and it worked.
This is more a little how-to than a question. However, if someone has better solution I would like to know about it.

You can try unaccent approach instead.