Module: Configliere::Crypter

Defined in:

lib/configliere/crypter.rb

Overview

Encrypt and decrypt values in configliere stores

Constant Summary

CIPHER_TYPE =

"aes-256-cbc"

Class Method Summary

• .decrypt(enc_ciphertext, encrypt_pass, options = {}) ⇒ String

  Decrypt the given string, using the key and iv supplied.

• .encrypt(plaintext, encrypt_pass, options = {}) ⇒ String

  Encrypt the given string.

Class Method Details

.decrypt(enc_ciphertext, encrypt_pass, options = {}) ⇒ String

Decrypt the given string, using the key and iv supplied

Parameters:

• ciphertext —

  the text to decrypt, probably produced with Crypter#decrypt

• encrypt_pass (String) —

  secret passphrase to decrypt with

Returns:

• (String) —

  the decrypted plaintext

# File 'lib/configliere/crypter.rb', line 38

def self.decrypt enc_ciphertext, encrypt_pass, options={}
  iv_and_ciphertext = Base64.decode64(enc_ciphertext)
  cipher    = new_cipher :decrypt, encrypt_pass, options
  cipher.iv, ciphertext = separate_iv_and_ciphertext(cipher, iv_and_ciphertext)
  plaintext = cipher.update(ciphertext)
  plaintext << cipher.final
  plaintext
end

.encrypt(plaintext, encrypt_pass, options = {}) ⇒ String

Encrypt the given string

Parameters:

• plaintext —

  the text to encrypt

• encrypt_pass (String) —

  secret passphrase to encrypt with

Returns:

• (String) —

  encrypted text, suitable for deciphering with Crypter#decrypt

# File 'lib/configliere/crypter.rb', line 21

def self.encrypt plaintext, encrypt_pass, options={}
  # The cipher's IV (Initialization Vector) is prepended (unencrypted) to
  # the ciphertext, which as far as I can tell is safe for our purposes:
  # http://www.ciphersbyritter.com/NEWS6/CBCIV.HTM
  cipher     = new_cipher :encrypt, encrypt_pass, options
  cipher.iv  = iv = cipher.random_iv
  ciphertext = cipher.update(plaintext)
  ciphertext << cipher.final
  Base64.encode64(combine_iv_and_ciphertext(iv, ciphertext))
end