module DoorMat::Crypto

Public Class Methods

current_skip_crypto_callback() click to toggle source
# File lib/door_mat/crypto.rb, line 22
def self.current_skip_crypto_callback
  RequestStore.store[:current_skip_crypto_callback] ||= DoorMat::Crypto::SkipCallback.new
end
decrypt_shared(secrets, with_key) click to toggle source
# File lib/door_mat/crypto.rb, line 16
def self.decrypt_shared(secrets, with_key)
  Array(secrets).map do |s|
    DoorMat::Crypto::SymmetricStore.decrypt(s, with_key)
  end
end
encrypt_shared(secrets, with_key) click to toggle source
# File lib/door_mat/crypto.rb, line 10
def self.encrypt_shared(secrets, with_key)
  Array(secrets).map do |s|
    DoorMat::Crypto::SymmetricStore.encrypt(s, with_key)[:ciphertext]
  end
end
secure_compare(lhs, rhs, constant_length=nil) click to toggle source

groups.google.com/group/rubyonrails-security/browse_thread/thread/da57f883530352ee# constant-time comparison algorithm to prevent timing attacks

# File lib/door_mat/crypto/secure_compare.rb, line 8
def secure_compare(lhs, rhs, constant_length=nil)
  constant_length ||= DoorMat.configuration.crypto_secure_compare_default_length
  constant_length = [constant_length.to_int, lhs.to_str.bytesize, rhs.to_str.bytesize].max
  random_padding = SecureRandom.random_bytes(constant_length)

  l = lhs.to_str.ljust(constant_length, random_padding).unpack "C#{constant_length}"
  r = rhs.to_str.ljust(constant_length, random_padding).unpack "C#{constant_length}"

  result = 0
  l.zip(r) { |a,b| result |= a ^ b }
  0 == result
end
skip_crypto_callback() { || ... } click to toggle source
# File lib/door_mat/crypto.rb, line 26
def self.skip_crypto_callback
  DoorMat::Crypto.current_skip_crypto_callback.skip!
  yield
ensure
  DoorMat::Crypto.current_skip_crypto_callback.reset
end

Private Instance Methods

secure_compare(lhs, rhs, constant_length=nil) click to toggle source

groups.google.com/group/rubyonrails-security/browse_thread/thread/da57f883530352ee# constant-time comparison algorithm to prevent timing attacks

# File lib/door_mat/crypto/secure_compare.rb, line 8
def secure_compare(lhs, rhs, constant_length=nil)
  constant_length ||= DoorMat.configuration.crypto_secure_compare_default_length
  constant_length = [constant_length.to_int, lhs.to_str.bytesize, rhs.to_str.bytesize].max
  random_padding = SecureRandom.random_bytes(constant_length)

  l = lhs.to_str.ljust(constant_length, random_padding).unpack "C#{constant_length}"
  r = rhs.to_str.ljust(constant_length, random_padding).unpack "C#{constant_length}"

  result = 0
  l.zip(r) { |a,b| result |= a ^ b }
  0 == result
end