Class: ComplexConfig::Encryption

Inherits:

Object

• Object
• ComplexConfig::Encryption

Defined in:

lib/complex_config/encryption.rb

Defined Under Namespace

Classes: DecryptionFailed, EncryptionError

Instance Method Summary

• #decrypt(text) ⇒ Object
• #encrypt(text) ⇒ Object
• #initialize(secret) ⇒ Encryption constructor

  A new instance of Encryption.

Constructor Details

#initialize(secret) ⇒ Encryption

Returns a new instance of Encryption.

# File 'lib/complex_config/encryption.rb', line 9

def initialize(secret)
  @secret = secret
  @cipher = OpenSSL::Cipher.new('aes-128-gcm')
end

Instance Method Details

#decrypt(text) ⇒ Object

# File 'lib/complex_config/encryption.rb', line 31

def decrypt(text)
  encrypted, iv, auth_tag = text.split('--').map { |v| base64_decode(v) }

  auth_tag.nil? || auth_tag.bytes.length != 16 and
    raise DecryptionFailed, "auth_tag #{auth_tag.inspect} invalid"

  @cipher.decrypt
  @cipher.key = @secret
  @cipher.iv  = iv
  @cipher.auth_tag = auth_tag
  @cipher.auth_data = ""

  decrypted_data = @cipher.update(encrypted)
  decrypted_data << @cipher.final

  Marshal.load(decrypted_data)
end

#encrypt(text) ⇒ Object

# File 'lib/complex_config/encryption.rb', line 14

def encrypt(text)

  @cipher.encrypt
  @cipher.key = @secret
  iv = @cipher.random_iv
  @cipher.auth_data = ""

  encrypted = @cipher.update(Marshal.dump(text))
  encrypted << @cipher.final

  [
    encrypted,
    iv,
    @cipher.auth_tag
  ].map { |v| base64_encode(v) }.join('--')
end