Class: TokenAuthenticatableStrategies::EncryptionHelper
- Inherits:
-
Object
- Object
- TokenAuthenticatableStrategies::EncryptionHelper
- Defined in:
- app/models/concerns/token_authenticatable_strategies/encryption_helper.rb
Constant Summary collapse
- DYNAMIC_NONCE_IDENTIFIER =
"|"
- NONCE_SIZE =
12
Class Method Summary collapse
Class Method Details
.decrypt_token(token) ⇒ Object
8 9 10 11 12 13 14 15 16 17 18 19 20 |
# File 'app/models/concerns/token_authenticatable_strategies/encryption_helper.rb', line 8 def self.decrypt_token(token) return unless token # The pattern of the token is "#{DYNAMIC_NONCE_IDENTIFIER}#{token}#{iv_of_12_characters}" if token.start_with?(DYNAMIC_NONCE_IDENTIFIER) && token.size > NONCE_SIZE + DYNAMIC_NONCE_IDENTIFIER.size token_to_decrypt = token[1...-NONCE_SIZE] iv = token[-NONCE_SIZE..] Gitlab::CryptoHelper.aes256_gcm_decrypt(token_to_decrypt, nonce: iv) else Gitlab::CryptoHelper.aes256_gcm_decrypt(token) end end |
.encrypt_token(plaintext_token) ⇒ Object
22 23 24 25 26 |
# File 'app/models/concerns/token_authenticatable_strategies/encryption_helper.rb', line 22 def self.encrypt_token(plaintext_token) iv = ::Digest::SHA256.hexdigest(plaintext_token).bytes.take(NONCE_SIZE).pack('c*') token = Gitlab::CryptoHelper.aes256_gcm_encrypt(plaintext_token, nonce: iv) "#{DYNAMIC_NONCE_IDENTIFIER}#{token}#{iv}" end |