Module: Redmine::Ciphering

Included in:
AuthSource, Repository, User
Defined in:
lib/redmine/ciphering.rb

Defined Under Namespace

Modules: ClassMethods

Class Method Summary collapse

Class Method Details

.cipher_keyObject



61
62
63
64
# File 'lib/redmine/ciphering.rb', line 61

def cipher_key
  key = Redmine::Configuration['database_cipher_key'].to_s
  key.blank? ? nil : Digest::SHA256.hexdigest(key)[0..31]
end

.decrypt_text(text) ⇒ Object



42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
# File 'lib/redmine/ciphering.rb', line 42

def decrypt_text(text)
  if text && match = text.match(/\Aaes-256-cbc:(.+)\Z/)
    if cipher_key.blank?
      logger.error "Attempt to decrypt a ciphered text with no cipher key configured in config/configuration.yml" if logger
      return text
    end
    text = match[1]
    c = OpenSSL::Cipher.new("aes-256-cbc")
    e, iv = text.split("--").map {|s| Base64.decode64(s)}
    c.decrypt
    c.key = cipher_key
    c.iv = iv
    d = c.update(e)
    d << c.final
  else
    text
  end
end

.encrypt_text(text) ⇒ Object



27
28
29
30
31
32
33
34
35
36
37
38
39
40
# File 'lib/redmine/ciphering.rb', line 27

def encrypt_text(text)
  if cipher_key.blank? || text.blank?
    text
  else
    c = OpenSSL::Cipher.new("aes-256-cbc")
    iv = c.random_iv
    c.encrypt
    c.key = cipher_key
    c.iv = iv
    e = c.update(text.to_s)
    e << c.final
    "aes-256-cbc:" + [e, iv].map {|v| Base64.strict_encode64(v)}.join('--')
  end
end

.included(base) ⇒ Object



22
23
24
# File 'lib/redmine/ciphering.rb', line 22

def self.included(base)
  base.extend ClassMethods
end

.loggerObject



66
67
68
# File 'lib/redmine/ciphering.rb', line 66

def logger
  Rails.logger
end