Module: Gitlab::CryptoHelper

Extended by:
CryptoHelper
Included in:
CryptoHelper
Defined in:
lib/gitlab/crypto_helper.rb

Constant Summary collapse

AES256_GCM_OPTIONS =
{
  algorithm: 'aes-256-gcm',
  key: Settings.attr_encrypted_db_key_base_32
}.freeze
AES256_GCM_IV_STATIC =
Settings.attr_encrypted_db_key_base_12

Instance Method Summary collapse

Instance Method Details

#aes256_gcm_decrypt(value, nonce: AES256_GCM_IV_STATIC) ⇒ Object



24
25
26
27
28
29
# File 'lib/gitlab/crypto_helper.rb', line 24

def aes256_gcm_decrypt(value, nonce: AES256_GCM_IV_STATIC)
  return unless value

  encrypted_token = Base64.decode64(value)
  Encryptor.decrypt(AES256_GCM_OPTIONS.merge(value: encrypted_token, iv: nonce))
end

#aes256_gcm_encrypt(value, nonce: AES256_GCM_IV_STATIC) ⇒ Object



19
20
21
22
# File 'lib/gitlab/crypto_helper.rb', line 19

def aes256_gcm_encrypt(value, nonce: AES256_GCM_IV_STATIC)
  encrypted_token = Encryptor.encrypt(AES256_GCM_OPTIONS.merge(value: value, iv: nonce))
  Base64.strict_encode64(encrypted_token)
end

#sha256(value) ⇒ Object



14
15
16
17
# File 'lib/gitlab/crypto_helper.rb', line 14

def sha256(value)
  salt = Settings.attr_encrypted_db_key_base_truncated
  ::Digest::SHA256.base64digest("#{value}#{salt}")
end