module SimpleRPC::Encryption

Handles openssl-based encryption of authentication details

The auth system used is not terribly secure, but will guard against casual attackers. If you are particularly concerned, turn it off and use SSH tunnels.

Constants

CIPHER_STRENGTH

How strong to make the AES encryption

Public Class Methods

decrypt(raw, secret, salt) click to toggle source

Decrypt data

# File lib/simplerpc/encryption.rb, line 27
def self.decrypt(raw, secret, salt)
    # Decrypt raw input
    decipher      = OpenSSL::Cipher::AES.new(CIPHER_STRENGTH, :CBC)
    decipher.decrypt
    decipher.key  = salt_key(salt, secret)
    return decipher.update(raw) + decipher.final
end
encrypt(password, secret, salt) click to toggle source

Encrypt data

# File lib/simplerpc/encryption.rb, line 18
def self.encrypt(password, secret, salt)
    # Encrypt with salted key
    cipher         = OpenSSL::Cipher::AES.new(CIPHER_STRENGTH, :CBC)
    cipher.encrypt
    cipher.key     = salt_key(salt, secret)
    return cipher.update(password) + cipher.final
end
salt_key(salt, key) click to toggle source

Salt a key by simply adding the two together

# File lib/simplerpc/encryption.rb, line 37
def self.salt_key(salt, key)
  return salt.encode('ASCII-8BIT', :undef => :replace, :invalid => :replace) + 
          key.encode('ASCII-8BIT', :undef => :replace, :invalid => :replace)
end