Class: SafeDb::ToolBelt::Blowfish
- Inherits:
-
Object
- Object
- SafeDb::ToolBelt::Blowfish
- Defined in:
- lib/utils/ciphers/blowfish.rb
Overview
Blowfish is a symmetric encryption cipher which inherits extends the Cipher base class in order to implement plug and play symmetric encryption.
Blowfish is still uncrackable - however its successor (TwoFish) has been reinforced to counter the growth of super-computer brute force resources.
Constant Summary collapse
- BLOWFISH_CIPHER_ID =
The blowfish cipher id constant is used to
initialize
an OpenSSL::Cipher class instance. "BF-ECB"
- BLOWFISH_BLOCK_LEN =
Blowfish constrains the length of incoming plain text forcing it to be a multiple of eight (8).
8
Class Method Summary collapse
-
.decryptor(cipher_text, decryption_key) ⇒ String
Decrypt the cipher text parameter using the symmetric decryption key specified in the second parameter.
-
.encryptor(plain_text, encryption_key) ⇒ String
Encrypt the (plain) text parameter using the symmetric encryption key specified in the second parameter and return the base64 encoded representation of the cipher text.
Class Method Details
.decryptor(cipher_text, decryption_key) ⇒ String
Decrypt the cipher text parameter using the symmetric decryption key specified in the second parameter. The cipher text is expected to have already been decoded if necessary.
Its okay to use a bespoke encryptor - just ensure you encode the result and override the padding constant.
Blowfish is a block cipher meaning it needs both the key and the plain text inputted to conform to a divisible block length.
Don’t worry about this block length requirement as this decrption method takes care of the reversing the activities carried out by selfself.encryptor.
109 110 111 112 113 114 115 116 117 118 119 120 121 |
# File 'lib/utils/ciphers/blowfish.rb', line 109 def self.decryptor cipher_text, decryption_key digested_key = Digest::SHA256.digest decryption_key decrypt_tool = OpenSSL::Cipher.new(BLOWFISH_CIPHER_ID).decrypt decrypt_tool.key = digested_key padded_plaintxt = decrypt_tool.update(cipher_text) << decrypt_tool.final pad_begin_index = padded_plaintxt.index CryptIO::TEXT_PADDER return padded_plaintxt if pad_begin_index.nil? return padded_plaintxt[ 0 .. (pad_begin_index-1) ] end |
.encryptor(plain_text, encryption_key) ⇒ String
Encrypt the (plain) text parameter using the symmetric encryption key specified in the second parameter and return the base64 encoded representation of the cipher text.
Blowfish is a block cipher meaning it needs both the key and the plain text inputted to conform to a divisible block length.
Don’t worry about this block length requirement as this encrption method takes care of it and its sister method selfself.decryptor will also perform the correct reversal activities to give you back the original plain text.
Base64.urlsafe_encode64 facilitates the ciphertext encoding returning text that is safe to write to a file.
58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 |
# File 'lib/utils/ciphers/blowfish.rb', line 58 def self.encryptor plain_text, encryption_key shortkey_msg = "The #{encryption_key.length} character encryption key is too short." raise ArgumentError, shortkey_msg unless encryption_key.length > 8 log.info(x) { "os blowfish request to encrypt plain text with provided key." } block_txt = plain_text block_txt += CryptIO::TEXT_PADDER until block_txt.bytesize % BLOWFISH_BLOCK_LEN == 0 raw_stretched_key = Digest::SHA256.digest(encryption_key) blowfish_encryptor = OpenSSL::Cipher.new(BLOWFISH_CIPHER_ID).encrypt blowfish_encryptor.key = raw_stretched_key return blowfish_encryptor.update(block_txt) << blowfish_encryptor.final end |