module CryptKeeper::Helper::DigestPassphrase
Constants
- HASH_ALGORITHM
Private: Hash algorithm to use when generating a PBKDF2 passphrase.
Returns a String.
- ITERATIONS
Private: Iterations to use when generating a PBKDF2 passphrase.
Returns a String.
Public Instance Methods
digest_passphrase(key, salt)
click to toggle source
Public: Generates a hex passphrase using the given key and salt.
key - Encryption key salt - Encryption salt
Returns a String.
# File lib/crypt_keeper/helper.rb, line 76 def digest_passphrase(key, salt) raise ArgumentError.new("Missing :key") if key.blank? raise ArgumentError.new("Missing :salt") if salt.blank? require "openssl" digest = OpenSSL::Digest.new(hash_algorithm) hmac = OpenSSL::PKCS5.pbkdf2_hmac( key, salt, iterations, digest.digest_length, digest ) hmac.unpack("H*").first end
Private Instance Methods
hash_algorithm()
click to toggle source
Private: Hash algorithm to use for digest passphrase.
Returns a String.
# File lib/crypt_keeper/helper.rb, line 100 def hash_algorithm if hash = ENV["ARMOR_HASH"] warn :ARMOR_HASH unless hash == HASH_ALGORITHM hash else HASH_ALGORITHM end end
warn(key)
click to toggle source
Private: Warns about the deprecated ENV vars used with the Armor gem.
key - The ENV variable name
Returns a String.
# File lib/crypt_keeper/helper.rb, line 114 def warn(key) require "active_support/deprecation" ActiveSupport::Deprecation.warn <<-MSG.squish CryptKeeper no longer uses the Armor gem to generate passphrases for MySQL AES encryption. Your installation is using a non-standard value for `ENV["#{key}"]` which affects the way passphrases are generated. You will need to re-encrypt your data with this variable removed prior to CryptKeeper v3.0.0. MSG end