Class: SfnParameters::Safe::Ssl
- Inherits:
-
SfnParameters::Safe
- Object
- SfnParameters::Safe
- SfnParameters::Safe::Ssl
- Defined in:
- lib/sfn-parameters/safe/ssl.rb
Overview
OpenSSL based Safe implementation
Constant Summary collapse
- DEFAULT_CIPHER =
Default cipher
"AES-256-CBC"
- CRYPT_ITER =
Maximum computation iteration length
10000
- CRYPT_KEY_LENGTH =
Default length of generated key
32
Instance Attribute Summary
Attributes inherited from SfnParameters::Safe
Instance Method Summary collapse
-
#initialize(*_) ⇒ self
constructor
Create OpenSSL backed safe.
-
#lock(value) ⇒ Hash
Lock a given value for storage.
-
#unlock(value) ⇒ String
Unlock a given value for access.
Methods inherited from SfnParameters::Safe
Constructor Details
#initialize(*_) ⇒ self
Create OpenSSL backed safe
26 27 28 29 30 31 32 33 34 |
# File 'lib/sfn-parameters/safe/ssl.rb', line 26 def initialize(*_) super unless arguments[:salt] arguments[:salt] = OpenSSL::Random.random_bytes(16) end unless arguments[:key] raise ArgumentError.new "Required `:key` argument unset for `Safe::Ssl`!" end end |
Instance Method Details
#lock(value) ⇒ Hash
Lock a given value for storage
40 41 42 43 44 45 46 47 48 49 50 51 52 |
# File 'lib/sfn-parameters/safe/ssl.rb', line 40 def lock(value) cipher = build(arguments[:salt]) new_iv = cipher.random_iv cipher.iv = new_iv result = cipher.update(value) + cipher.final Smash.new( :iv => Base64.urlsafe_encode64(new_iv), :cipher => arguments.fetch(:cipher, DEFAULT_CIPHER), :content => Base64.urlsafe_encode64(result), :salt => Base64.urlsafe_encode64(arguments[:salt]), :sfn_parameters_lock => Bogo::Utility.snake(self.class.name.split("::").last), ) end |
#unlock(value) ⇒ String
Unlock a given value for access
61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 |
# File 'lib/sfn-parameters/safe/ssl.rb', line 61 def unlock(value) value = value.to_smash [:content, :iv, :salt].each do |key| unless value[key] raise ArgumentError.new("Missing required information `#{key}`") end end o_cipher = arguments[:cipher] arguments[:cipher] = value[:cipher] if value[:cipher] cipher = build( Base64.urlsafe_decode64(value[:salt]), Base64.urlsafe_decode64(value[:iv]) ) arguments[:cipher] = o_cipher string = Base64.urlsafe_decode64(value[:content]) cipher.update(string) + cipher.final end |