encrypted_text

Password-based, two-way encryption with string output. Uses AES encryption.

Usage example

In order to encode or decode a message, you should know the key and signature ahead of time.

  • The key is a 16-, 24-, or 32-character string, used as an AES encryption key.
  • The signature is prepended to the message before encryption, and verified after decryption.

require 'encrypted_text'

codec = EncryptedText.new(
  :signature => '!@#$1234!@#$', # Should not resemble actual message content
  :key => '0123456789ABCDEF' # Should be 16, 24, or 32 chars long
)

encoded = codec.encode("Hello, world!")
original_message = codec.decode(encoded)

You can also add a random salt, so that repeated encodings of the same message produce different results.

# Continued from previous example
codec.salt_size = 8
message = "Hello, world!"

a = codec.encode(message)
b = codec.encode(message) # Should be a different result!

Motivation

Among other things, this library is useful for generating tokens that seem opaque to the outside world, but actually encode real information.

For example, in situations where tokens are passed from a service to an outside party and then back again, the service needs some way of resolving tokens passed back to it. Oftentimes this means performing a lookup on a stored mapping (e.g. a database query) between the token and some kind of cleartext data that outside parties never see. But this comes with all the clumsiness of maintaining and interacting with a persistent data store. For some applications, it might be acceptable simply to encode data directly into the token itself, using a secret that only the originating service has access to. EncryptedText provides a simple API to accomplish this.
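
The idea described above, sketched as an added example that is not EncryptedText's own code: a stateless token that carries a small payload and is resolved without a datastore lookup. It uses AES-GCM from Ruby's standard OpenSSL library rather than the gem, and `TokenCodec`, `issue`, `resolve` and the `uid`/`exp` fields are hypothetical names.

```ruby
require 'openssl'
require 'json'

# Hypothetical helper (not part of EncryptedText): packs a small hash into an
# opaque, URL-safe token and resolves it again without any stored mapping.
class TokenCodec
  NONCE_LEN = 12 # bytes, default AES-GCM nonce size
  TAG_LEN   = 16 # bytes, GCM authentication tag

  def initialize(key)
    raise ArgumentError, 'key must be 16, 24 or 32 bytes' unless [16, 24, 32].include?(key.bytesize)
    @key = key
    @cipher_name = "aes-#{key.bytesize * 8}-gcm" # key length selects AES-128/192/256
  end

  # Returns a token string; a fresh random nonce makes every token different.
  def issue(payload)
    cipher = OpenSSL::Cipher.new(@cipher_name).encrypt
    cipher.key = @key
    nonce = cipher.random_iv
    body = cipher.update(JSON.generate(payload)) + cipher.final
    [nonce + cipher.auth_tag + body].pack('m0').tr('+/', '-_')
  end

  # Returns the payload hash, or nil if the token is malformed, was modified,
  # was issued under a different key, or has passed its 'exp' time.
  def resolve(token, now: Time.now.to_i)
    raw = token.tr('-_', '+/').unpack1('m0') # strict base64, raises on junk
    return nil if raw.bytesize < NONCE_LEN + TAG_LEN
    cipher = OpenSSL::Cipher.new(@cipher_name).decrypt
    cipher.key = @key
    cipher.iv = raw.byteslice(0, NONCE_LEN)
    cipher.auth_tag = raw.byteslice(NONCE_LEN, TAG_LEN)
    plain = cipher.update(raw.byteslice(NONCE_LEN + TAG_LEN, raw.bytesize)) + cipher.final
    data = JSON.parse(plain.force_encoding('UTF-8'))
    data['exp'] && data['exp'] < now ? nil : data
  rescue OpenSSL::Cipher::CipherError, JSON::ParserError, ArgumentError
    nil
  end
end

# Constructed demo; the key string is the sample one from the usage example.
demo = TokenCodec.new('0123456789ABCDEF')
demo_token = demo.issue('uid' => 42, 'exp' => Time.now.to_i + 3600)
puts demo_token, demo.resolve(demo_token).inspect
```

Because the token is authenticated, a token that was altered in transit or issued under another key resolves to `nil` instead of to garbage data.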