encrypted_text

Password-based, two-way encryption with string output. Uses AES encryption.

Usage example

To encode or decode a message, you need to know the key and signature ahead of time. The key is a 16-, 24-, or 32-character string used as the AES encryption key. The signature is prepended to the message before encryption, and verified after decryption.

require 'encrypted_text'

codec = EncryptedText.new(
  :signature => '!@#$1234!@#$', # Should not resemble actual message content
  :key => '0123456789ABCDEF' # Should be 16, 24, or 32 chars long
)

encoded = codec.encode("Hello, world!")
original_message = codec.decode(encoded)

You can also add a random seed, so that repeated encodings of the same message produce different results.

# Continued from previous example
codec.salt_size = 8
message = "Hello, world!"

a = codec.encode(message)
b = codec.encode(message) # Should be a different result!
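
A stand-alone sketch of the scheme described above (signature prepended before encryption, checked after decryption, optional random salt), added here as an example and not the gem's own code. The class name `SketchCodec`, the AES-CBC mode, the all-zero IV and the URL-safe Base64 output are assumptions made for the illustration.

```ruby
require 'openssl'
require 'base64'
require 'securerandom'

# Added sketch, not the gem's code. Assumed: AES-CBC, all-zero IV (so only
# the salt varies the output, as the README describes), URL-safe Base64.
class SketchCodec
  class DecodeError < StandardError; end

  def initialize(key:, signature:, salt_size: 0)
    unless [16, 24, 32].include?(key.bytesize)
      raise ArgumentError, 'key must be 16, 24, or 32 bytes long'
    end
    @key, @signature, @salt_size = key, signature.b, salt_size
  end

  # salt + signature + message -> AES -> printable string
  def encode(message)
    salt = @salt_size.zero? ? ''.b : SecureRandom.random_bytes(@salt_size)
    cipher = new_cipher.encrypt
    cipher.key = @key
    cipher.iv = "\0" * 16
    Base64.urlsafe_encode64(cipher.update(salt + @signature + message.b) + cipher.final)
  end

  # Reverse of encode; rejects anything that does not carry the signature.
  def decode(token)
    cipher = new_cipher.decrypt
    cipher.key = @key
    cipher.iv = "\0" * 16
    plaintext = cipher.update(Base64.urlsafe_decode64(token)) + cipher.final
    body = plaintext[@salt_size..].to_s # drop the random salt
    raise DecodeError, 'signature mismatch' unless body.start_with?(@signature)
    body[@signature.bytesize..].force_encoding('UTF-8')
  rescue OpenSSL::Cipher::CipherError, ArgumentError
    raise DecodeError, 'token could not be decrypted'
  end

  private

  def new_cipher
    OpenSSL::Cipher.new("aes-#{@key.bytesize * 8}-cbc")
  end
end
```

With `salt_size` left at 0, two encodings of the same message are identical in this sketch; decoding a token with a different key raises `SketchCodec::DecodeError`.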

Motivation

I wrote this library so I could generate tokens that encoded actual information, but seemed opaque and pseudo-random to the outside world.

In situations where tokens are passed from a service to an outside party and then back again, the service needs some way of resolving tokens passed back to it. Oftentimes this means performing a lookup on a stored mapping (e.g. a database query) between the token and some kind of cleartext data that outside parties never see. But this comes with all the clumsiness of maintaining and interacting with a persistent data store. For some applications, it might be acceptable simply to encode data directly into the token itself, using a secret that only the originating service has access to. EncryptedText provides a simple API to accomplish this.