Class: SimpleCrypt

Inherits:
Object
  • Object
show all
Defined in:
lib/simple_crypt.rb

Overview

encrypts and stores and decrypts secrets

Instance Method Summary collapse

Instance Method Details

#decrypt(secret, pwd) ⇒ Object 



30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
 
# File 'lib/simple_crypt.rb', line 30

def decrypt(secret, pwd)
  salt = Base64.strict_decode64(secret.salt)
  secret_data = Base64.strict_decode64(secret.secret_data)
  decipher = OpenSSL::Cipher.new('aes-256-gcm')
  decipher.decrypt
  decipher.iv = Base64.strict_decode64(secret.iv)
  key = gen_key(pwd, salt)
  decipher.key = key
  decipher.auth_tag = Base64.strict_decode64(secret.auth_tag)
  decipher.auth_data = secret.auth_data
  begin
    decrypted = decipher.update(secret_data) + decipher.final
    return decrypted
  rescue OpenSSL::Cipher::CipherError
    return nil
  end
end

#encrypt(data, pwd) ⇒ Object 



12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
 
# File 'lib/simple_crypt.rb', line 12

def encrypt(data, pwd)
  cipher = OpenSSL::Cipher.new('aes-256-gcm')
  cipher.encrypt
  iv = cipher.random_iv
  salt = OpenSSL::Random.random_bytes 16
  auth_data = SecureRandom.urlsafe_base64(16)
  key = gen_key(pwd, salt)
  cipher.key = key
  cipher.auth_data = auth_data
  sec = Secret.new
  sec.secret_data = Base64.strict_encode64(cipher.update(data) + cipher.final)
  sec.iv = Base64.strict_encode64(iv)
  sec.salt = Base64.strict_encode64(salt)
  sec.auth_tag = Base64.strict_encode64(cipher.auth_tag)
  sec.auth_data = auth_data
  sec
end