Module: Kernel

Defined in:


Using Shhh Library

This library is a “wrapper” that allows you to take advantage of the symmetric encryption functionality provided by the OpenSSL gem (and the underlying C library). In order to use the library in your ruby classes, you should include the module Shhh.

The including class is decorated with four instance methods from the module Shhh::Extensions::InstanceMethods and two class methods from Shhh::Extensions::ClassMethods – for specifics, please refer there.

The two main instance methods are #encr and #decr, which as the name implies, perform two-way symmetric encryption and decryption of any Ruby object that can be marshaled.

Two additional instance methods #encr_password and #decr_password turn on password-based encryption, which actually uses a password to construct a 128-bit long private key, and then uses that in the encryption of the data. You could use them to encrypt data with a password instead of a randomly generated private key.

The library comes with a rich CLI interface, which is mostly encapsulated under the Shhh::App namespace.

The shhh executable that is the “app” in this case, and is a user of the API methods #encr and #decr.

Create a new key with #create_private_key class method, which returns a new key every time it's called, or with #private_key class method, which either assigns, or creates and caches the private key at a class level.


require 'shhh'

class TestClass
  include Shhh
  # read the key from environmant variable and assign to this class.
  private_key ENV['PRIVATE_KEY']

  def sensitive_value=(value)
    @sensitive_value = encr(value, self.class.private_key)

  def sensitive_value
    decr(@sensitive_value, self.class.private_key)

Private Key

They private key can be generated by TestClass.create_private_key which returns but does not store a new random 256-bit key.

The key can be assigned and saved, or auto-generated and saved using the #private_key method on the class that includes the Shhh module.

Each class including the Shhh module would get their own +#private_key# class-instance variable accessor, and a possible value.

For example:

Instance Method Summary collapse

Instance Method Details

#require_dir(___dir) ⇒ Object

# File 'lib/shhh.rb', line 81

def require_dir(___dir)
  @___dir ||= File.dirname(__FILE__)
  # require files using a consistent order based on the dir/file name.
  # this should be OS-neutral
  Dir["#{@___dir}/#{___dir}/*.rb"].sort.each do |___file|