Module: Pindo::AESHelper

Defined in:: lib/pindo/base/aeshelper.rb

Class Method Summary collapse

.aes_128_ecb_decrypt(key, decrypted_string) ⇒ Object
.aes_128_ecb_encrypt(key, encrypted_string) ⇒ Object
.decrypt_specific_file(src_file: nil, password: nil, output_dir: nil, hash_algorithm: "MD5") ⇒ Object

The encryption parameters in this implementations reflect the old behavior which depended on the users’ local OpenSSL version 1.0.x OpenSSL and earlier versions use MD5, 1.1.0c and newer uses SHA256, we try both before giving an error.
.delete_password(keychain_name: nil) ⇒ Object
.encrypt_specific_file(src_file: nil, password: nil, output_dir: nil) ⇒ Object
.fetch_password(keychain_name: nil, test_file: nil) ⇒ Object
.store_password(keychain_name: nil, password: nil) ⇒ Object

Class Method Details

.aes_128_ecb_decrypt(key, decrypted_string) ⇒ `Object`

# File 'lib/pindo/base/aeshelper.rb', line 68

def self.aes_128_ecb_decrypt(key, decrypted_string)
  cipher = OpenSSL::Cipher.new("AES-128-ECB")
  cipher.decrypt
  cipher.key = key
  text = cipher.update(Base64.strict_decode64(decrypted_string)) + cipher.final
  return text
end

.aes_128_ecb_encrypt(key, encrypted_string) ⇒ `Object`

# File 'lib/pindo/base/aeshelper.rb', line 59

def self.aes_128_ecb_encrypt(key, encrypted_string)
  cipher = OpenSSL::Cipher::Cipher.new('AES-128-ECB')
  cipher.encrypt
  cipher.key = key
  txt = cipher.update(encrypted_string) << cipher.final
  content =  Base64.strict_encode64(txt)
  return content
end

.decrypt_specific_file(src_file: nil, password: nil, output_dir: nil, hash_algorithm: "MD5") ⇒ `Object`

The encryption parameters in this implementations reflect the old behavior which depended on the users’ local OpenSSL version 1.0.x OpenSSL and earlier versions use MD5, 1.1.0c and newer uses SHA256, we try both before giving an error

# File 'lib/pindo/base/aeshelper.rb', line 91

def self.decrypt_specific_file(src_file: nil, password: nil, output_dir: nil, hash_algorithm: "MD5")

  begin
    destfile = File.join(output_dir, File.basename(src_file))
    e = Match::Encryption::MatchFileEncryption.new
    e.decrypt(file_path: src_file, password: password, output_path:destfile)
    return destfile
  rescue => error
      Funlog.instance.fancyinfo_error("解析文件失败: #{src_file}")
      raise Informative, error
      return nil
  end
end

.delete_password(keychain_name: nil) ⇒ `Object`

# File 'lib/pindo/base/aeshelper.rb', line 48

def self.delete_password(keychain_name:nil)
  server_name = ["match", keychain_name].join("_")
  Security::InternetPassword.delete(server:server_name)
end

.encrypt_specific_file(src_file: nil, password: nil, output_dir: nil) ⇒ `Object`

# File 'lib/pindo/base/aeshelper.rb', line 77

def self.encrypt_specific_file(src_file: nil, password: nil, output_dir: nil)
  UI.user_error!("No password supplied") if password.to_s.strip.length == 0

  destfile = File.join(output_dir, File.basename(src_file))
  e = Match::Encryption::MatchFileEncryption.new
  e.encrypt(file_path: src_file, password: password, output_path:destfile)
  return destfile
rescue error
  puts path
  raise Informative, error
end

.fetch_password(keychain_name: nil, test_file: nil) ⇒ `Object`

# File 'lib/pindo/base/aeshelper.rb', line 11

def self.fetch_password(keychain_name:nil, test_file:nil)
  # password = ENV["MATCH_PASSWORD"]

  server_name = ["match", keychain_name].join("_")

  item = Security::InternetPassword.find(server: server_name)

  password = item.password if item

  unless password
      puts "\e[33m[DEBUG] Keychain中未找到密码，需要用户输入: #{server_name}\e[0m" if ENV['PINDO_DEBUG']
      password = FastlaneCore::Helper.ask_password(message: "请输入证书仓库的加密密码: ", confirm: true)
      # 尝试添加密码到Keychain，如果已存在则先删除再添加
      begin
        # 先检查是否已存在，如果存在则删除
        existing_item = Security::InternetPassword.find(server: server_name)
        if existing_item
          # 重定向stderr到/dev/null来隐藏Keychain的详细输出
          system("security delete-internet-password -s '#{server_name}' 2>/dev/null")
          puts "\e[33m[DEBUG] 删除Keychain中的旧密码项: #{server_name}\e[0m" if ENV['PINDO_DEBUG']
        end
        
        # 添加新密码，重定向stderr到/dev/null来隐藏Keychain的详细输出
        system("security add-internet-password -s '#{server_name}' -w '#{password}' 2>/dev/null")
        puts "\e[32m[DEBUG] 密码已保存到Keychain: #{server_name}\e[0m" if ENV['PINDO_DEBUG']
      rescue => e
        # 忽略Keychain错误，继续使用密码
        # 错误信息可能包含 "already exists" 等，但不影响功能
        puts "\e[31m[DEBUG] Keychain操作错误: #{e.message}\e[0m" if ENV['PINDO_DEBUG']
      end
  else
      puts "\e[32m[DEBUG] 从Keychain获取密码成功: #{server_name}\e[0m" if ENV['PINDO_DEBUG']
  end

  return password
end

.store_password(keychain_name: nil, password: nil) ⇒ `Object`

# File 'lib/pindo/base/aeshelper.rb', line 53

def self.store_password(keychain_name:nil, password:nil)
  server_name = ["match", keychain_name].join("_")
  Security::InternetPassword.add(server_name, "", password)
end

Module: Pindo::AESHelper

Class Method Summary collapse

Class Method Details

.aes_128_ecb_decrypt(key, decrypted_string) ⇒ Object

.aes_128_ecb_encrypt(key, encrypted_string) ⇒ Object

.decrypt_specific_file(src_file: nil, password: nil, output_dir: nil, hash_algorithm: "MD5") ⇒ Object

.delete_password(keychain_name: nil) ⇒ Object

.encrypt_specific_file(src_file: nil, password: nil, output_dir: nil) ⇒ Object

.fetch_password(keychain_name: nil, test_file: nil) ⇒ Object