Module: Pindo::AESHelper

Defined in:: lib/pindo/base/aeshelper.rb

Class Method Summary collapse

.aes_128_ecb_decrypt(key, decrypted_string) ⇒ Object
.aes_128_ecb_encrypt(key, encrypted_string) ⇒ Object
.decrypt_specific_file(src_file: nil, password: nil, output_dir: nil, hash_algorithm: "MD5") ⇒ Object

The encryption parameters in this implementations reflect the old behavior which depended on the users’ local OpenSSL version 1.0.x OpenSSL and earlier versions use MD5, 1.1.0c and newer uses SHA256, we try both before giving an error.
.delete_password(keychain_name: nil) ⇒ Object
.encrypt_specific_file(src_file: nil, password: nil, output_dir: nil) ⇒ Object
.fetch_password(keychain_name: nil, test_file: nil) ⇒ Object
.store_password(keychain_name: nil, password: nil) ⇒ Object

Class Method Details

.aes_128_ecb_decrypt(key, decrypted_string) ⇒ `Object`

# File 'lib/pindo/base/aeshelper.rb', line 102

def self.aes_128_ecb_decrypt(key, decrypted_string)
  cipher = OpenSSL::Cipher.new("AES-128-ECB")
  cipher.decrypt
  cipher.key = key
  text = cipher.update(Base64.strict_decode64(decrypted_string)) + cipher.final
  return text
end

.aes_128_ecb_encrypt(key, encrypted_string) ⇒ `Object`

# File 'lib/pindo/base/aeshelper.rb', line 93

def self.aes_128_ecb_encrypt(key, encrypted_string)
  cipher = OpenSSL::Cipher::Cipher.new('AES-128-ECB')
  cipher.encrypt
  cipher.key = key
  txt = cipher.update(encrypted_string) << cipher.final
  content =  Base64.strict_encode64(txt)
  return content
end

.decrypt_specific_file(src_file: nil, password: nil, output_dir: nil, hash_algorithm: "MD5") ⇒ `Object`

The encryption parameters in this implementations reflect the old behavior which depended on the users’ local OpenSSL version 1.0.x OpenSSL and earlier versions use MD5, 1.1.0c and newer uses SHA256, we try both before giving an error

# File 'lib/pindo/base/aeshelper.rb', line 125

def self.decrypt_specific_file(src_file: nil, password: nil, output_dir: nil, hash_algorithm: "MD5")

  begin
    destfile = File.join(output_dir, File.basename(src_file))
    e = Match::Encryption::MatchFileEncryption.new
    e.decrypt(file_path: src_file, password: password, output_path:destfile)
    return destfile
  rescue => error
      Funlog.instance.fancyinfo_error("解析文件失败: #{src_file}")
      raise Informative, error
      return nil
  end
end

.delete_password(keychain_name: nil) ⇒ `Object`

# File 'lib/pindo/base/aeshelper.rb', line 32

def self.delete_password(keychain_name:nil)
  server_name = ["match", keychain_name].join("_")
  # 静默删除密码，不输出 keychain 详细信息（文件描述符级别重定向）
  begin
    old_stdout = STDOUT.dup
    old_stderr = STDERR.dup
    STDOUT.reopen(File::NULL, 'w')
    STDERR.reopen(File::NULL, 'w')

    Security::InternetPassword.delete(server:server_name)
  ensure
    STDOUT.reopen(old_stdout)
    STDERR.reopen(old_stderr)
    old_stdout.close
    old_stderr.close
  end
rescue => e
  # 忽略错误（密码可能不存在）
end

.encrypt_specific_file(src_file: nil, password: nil, output_dir: nil) ⇒ `Object`

# File 'lib/pindo/base/aeshelper.rb', line 111

def self.encrypt_specific_file(src_file: nil, password: nil, output_dir: nil)
  UI.user_error!("No password supplied") if password.to_s.strip.length == 0

  destfile = File.join(output_dir, File.basename(src_file))
  e = Match::Encryption::MatchFileEncryption.new
  e.encrypt(file_path: src_file, password: password, output_path:destfile)
  return destfile
rescue error
  puts path
  raise Informative, error
end

.fetch_password(keychain_name: nil, test_file: nil) ⇒ `Object`

# File 'lib/pindo/base/aeshelper.rb', line 12

def self.fetch_password(keychain_name:nil, test_file:nil)
  # password = ENV["MATCH_PASSWORD"]

  server_name = ["match", keychain_name].join("_")

  item = Security::InternetPassword.find(server: server_name)

  password = item.password if item

  unless password
      puts "\e[33m[DEBUG] Keychain中未找到密码，需要用户输入: #{server_name}\e[0m" if ENV['PINDO_DEBUG']
      password = FastlaneCore::Helper.ask_password(message: "请输入证书仓库的加密密码: ", confirm: true)
      puts "\e[33m[DEBUG] 用户输入密码成功，等待验证后保存到Keychain\e[0m" if ENV['PINDO_DEBUG']
  else
      puts "\e[32m[DEBUG] 从Keychain获取密码成功: #{server_name}\e[0m" if ENV['PINDO_DEBUG']
  end

  return password
end

.store_password(keychain_name: nil, password: nil) ⇒ `Object`

# File 'lib/pindo/base/aeshelper.rb', line 52

def self.store_password(keychain_name:nil, password:nil)
  server_name = ["match", keychain_name].join("_")

  # 先检查密码是否已存在，如果存在则无需重复保存
  begin
    item = Security::InternetPassword.find(server: server_name)
    if item && item.password == password
      puts "\e[33m[DEBUG] 密码已存在于Keychain，跳过保存: #{server_name}\e[0m" if ENV['PINDO_DEBUG']
      return
    end
  rescue => e
    # 密码不存在，继续保存流程
  end

  # 静默操作，避免输出错误信息（文件描述符级别重定向）
  begin
    old_stdout = STDOUT.dup
    old_stderr = STDERR.dup
    STDOUT.reopen(File::NULL, 'w')
    STDERR.reopen(File::NULL, 'w')

    # 先尝试删除旧密码（如果存在但不同）
    begin
      Security::InternetPassword.delete(server:server_name)
    rescue => e
      # 忽略删除错误（密码可能不存在）
    end

    # 添加新密码
    Security::InternetPassword.add(server_name, "", password)
  ensure
    STDOUT.reopen(old_stdout)
    STDERR.reopen(old_stderr)
    old_stdout.close
    old_stderr.close
  end
rescue => e
  # 忽略错误，不影响主流程
end

Module: Pindo::AESHelper

Class Method Summary collapse

Class Method Details

.aes_128_ecb_decrypt(key, decrypted_string) ⇒ Object

.aes_128_ecb_encrypt(key, encrypted_string) ⇒ Object

.decrypt_specific_file(src_file: nil, password: nil, output_dir: nil, hash_algorithm: "MD5") ⇒ Object

.delete_password(keychain_name: nil) ⇒ Object

.encrypt_specific_file(src_file: nil, password: nil, output_dir: nil) ⇒ Object

.fetch_password(keychain_name: nil, test_file: nil) ⇒ Object