module SimpleRPC::Encryption
Handles openssl-based encryption of authentication details
The auth system used is not terribly secure, but will guard against casual attackers. If you are particularly concerned, turn it off and use SSH tunnels.
Constants
- CIPHER_STRENGTH
How strong to make the AES encryption
Public Class Methods
decrypt(raw, secret, salt)
click to toggle source
Decrypt data
# File lib/simplerpc/encryption.rb, line 27 def self.decrypt(raw, secret, salt) # Decrypt raw input decipher = OpenSSL::Cipher::AES.new(CIPHER_STRENGTH, :CBC) decipher.decrypt decipher.key = salt_key(salt, secret) return decipher.update(raw) + decipher.final end
encrypt(password, secret, salt)
click to toggle source
Encrypt data
# File lib/simplerpc/encryption.rb, line 18 def self.encrypt(password, secret, salt) # Encrypt with salted key cipher = OpenSSL::Cipher::AES.new(CIPHER_STRENGTH, :CBC) cipher.encrypt cipher.key = salt_key(salt, secret) return cipher.update(password) + cipher.final end
salt_key(salt, key)
click to toggle source
Salt a key by simply adding the two together
# File lib/simplerpc/encryption.rb, line 37 def self.salt_key(salt, key) return salt.encode('ASCII-8BIT', :undef => :replace, :invalid => :replace) + key.encode('ASCII-8BIT', :undef => :replace, :invalid => :replace) end