class CarrierWave::Secure::Cipher

Encrypts and decrypts data

Constants

AUTH_TAG_LENGTH
DEFAULT_KEY_LENGTH

Public Class Methods

new(key) click to toggle source
# File lib/carrierwave/secure/cipher.rb, line 14
def initialize(key)
  @key = key
end

Public Instance Methods

decrypt(data) click to toggle source
# File lib/carrierwave/secure/cipher.rb, line 27
def decrypt(data)
  ssl = OpenSSL::Cipher::AES.new(key_length_bits, :gcm)
  ssl.decrypt
  ssl.key = @key
  ssl.auth_tag = data.slice!(-AUTH_TAG_LENGTH..-1)
  ssl.iv = data.slice!(-ssl.iv_len..-1)
  ssl.update(data) << ssl.final
end
encrypt(data) click to toggle source
# File lib/carrierwave/secure/cipher.rb, line 18
def encrypt(data)
  ssl = OpenSSL::Cipher::AES.new(key_length_bits, :gcm)
  ssl.encrypt
  ssl.key = @key
  iv = ssl.random_iv
  ssl.iv = iv
  ssl.update(data) << ssl.final << iv << ssl.auth_tag
end
random_key() click to toggle source
# File lib/carrierwave/secure/cipher.rb, line 36
def random_key
  OpenSSL::Cipher::AES.new(key_length_bits, :gcm).random_key
end

Private Instance Methods

key_length_bits() click to toggle source
# File lib/carrierwave/secure/cipher.rb, line 42
def key_length_bits
  @key && @key.length * 8 || DEFAULT_KEY_LENGTH
end