Class: SfnParameters::Safe::Ssl
- Inherits:
-
SfnParameters::Safe
- Object
- SfnParameters::Safe
- SfnParameters::Safe::Ssl
- Defined in:
- lib/sfn-parameters/safe/ssl.rb
Overview
OpenSSL based Safe implementation
Constant Summary collapse
- DEFAULT_CIPHER =
Default cipher
'AES-256-CBC'
- CRYPT_ITER =
Maximum computation iteration length
10000
- CRYPT_KEY_LENGTH =
Default length of generated key
32
Instance Attribute Summary
Attributes inherited from SfnParameters::Safe
Instance Method Summary collapse
-
#initialize(*_) ⇒ self
constructor
Create OpenSSL backed safe.
-
#lock(value) ⇒ Hash
Lock a given value for storage.
-
#unlock(value) ⇒ String
Unlock a given value for access.
Methods inherited from SfnParameters::Safe
Constructor Details
#initialize(*_) ⇒ self
Create OpenSSL backed safe
26 27 28 29 30 31 32 33 34 |
# File 'lib/sfn-parameters/safe/ssl.rb', line 26 def initialize(*_) super unless(arguments[:salt]) arguments[:salt] = OpenSSL::Random.random_bytes(16) end unless(arguments[:key]) raise ArgumentError.new 'Required `:key` argument unset for `Safe::Ssl`!' end end |
Instance Method Details
#lock(value) ⇒ Hash
Lock a given value for storage
40 41 42 43 44 45 46 47 48 49 50 51 52 |
# File 'lib/sfn-parameters/safe/ssl.rb', line 40 def lock(value) cipher = build(arguments[:salt]) new_iv = cipher.random_iv cipher.iv = new_iv result = cipher.update(value) + cipher.final Smash.new( :iv => Base64.urlsafe_encode64(new_iv), :cipher => arguments.fetch(:cipher, DEFAULT_CIPHER), :content => Base64.urlsafe_encode64(result), :salt => Base64.urlsafe_encode64(arguments[:salt]), :sfn_parameters_lock => Bogo::Utility.snake(self.class.name.split('::').last) ) end |
#unlock(value) ⇒ String
Unlock a given value for access
61 62 63 64 65 66 67 68 69 70 71 72 |
# File 'lib/sfn-parameters/safe/ssl.rb', line 61 def unlock(value) value = value.to_smash o_cipher = arguments[:cipher] arguments[:cipher] = value[:cipher] if value[:cipher] cipher = build( Base64.urlsafe_decode64(value[:salt]), Base64.urlsafe_decode64(value[:iv]) ) arguments[:cipher] = o_cipher string = Base64.urlsafe_decode64(value[:content]) cipher.update(string) + cipher.final end |