class SecureToken::SecureTokenService::Encryptor

Public Class Methods

new(serializer) click to toggle source
# File lib/secure_token.rb, line 61
def initialize(serializer)
  @salt = SecureRandom.random_bytes(8)
  @serializer = serializer
end

Public Instance Methods

encrypt_and_sign(data, key_pair) click to toggle source
# File lib/secure_token.rb, line 66
def encrypt_and_sign(data, key_pair)
  serialized = @serializer.serialize(data)
  encrypted = encrypt(serialized, key_pair.encryption_key)
  signed = sign(encrypted, key_pair.signing_key)
  Base64.urlsafe_encode64(signed)
end

Private Instance Methods

encrypt(data, key) click to toggle source
# File lib/secure_token.rb, line 80
def encrypt(data, key)
  encrypter = OpenSSL::Cipher::Cipher.new CRYPT_ALGO
  encrypter.encrypt
  encrypter.pkcs5_keyivgen key, @salt

  encrypted = encrypter.update data
  encrypted << encrypter.final

  "#{@salt}#{encrypted}"
end
sign(data, key) click to toggle source
# File lib/secure_token.rb, line 75
def sign(data, key)
  signature = OpenSSL::HMAC.digest(OpenSSL::Digest.new(HASH_ALGO), key, data)
  "#{signature.force_encoding('ascii-8bit')}#{data.force_encoding('ascii-8bit')}"
end