class Serket::FieldEncrypter
Used to encrypt a field given a public key, field delimiter, symmetric algorithm, encoding and format (:json or :delimited)
Attributes
encoding[RW]
field_delimiter[RW]
public_key_filepath[RW]
symmetric_algorithm[RW]
Public Class Methods
new(options = {})
click to toggle source
# File lib/serket/field_encrypter.rb, line 10 def initialize(options = {}) options ||= {} @public_key_filepath = Serket.configuration.public_key_path @field_delimiter = options[:field_delimiter] || Serket.configuration.delimiter @symmetric_algorithm = options[:symmetric_algorithm] || Serket.configuration.symmetric_algorithm @format = options[:format] || Serket.configuration.format @encoding = options[:encoding] || Serket.configuration.encoding end
Public Instance Methods
encrypt(field)
click to toggle source
Return encrypted string according to specified format. Return nil if field is whitespace.
# File lib/serket/field_encrypter.rb, line 22 def encrypt(field) return if field !~ /\S/ aes = OpenSSL::Cipher.new(symmetric_algorithm) aes_key = aes.random_key iv = aes.random_iv encrypt_data(iv, aes_key, field.force_encoding(encoding)) end
field_delimiter=(delimiter)
click to toggle source
Allow any field delimiter except a base64 character.
# File lib/serket/field_encrypter.rb, line 31 def field_delimiter=(delimiter) if delimiter =~ /[A-Za-z0-9\/+]/ raise "This is not a valid delimiter! Must not be a character in Base64." end @field_delimiter = delimiter end
Private Instance Methods
encrypt_data(iv, key, text)
click to toggle source
# File lib/serket/field_encrypter.rb, line 40 def encrypt_data(iv, key, text) public_key = OpenSSL::PKey::RSA.new(File.read(public_key_filepath)) encrypted_aes_key = public_key.public_encrypt(key) aes = OpenSSL::Cipher.new(symmetric_algorithm) aes.encrypt aes.key = key aes.iv = iv encrypted_text = aes.update(text) + aes.final parse(Base64.encode64(iv), Base64.encode64(encrypted_aes_key), Base64.encode64(encrypted_text)) end
parse(iv, encrypted_key, encrypted_text)
click to toggle source
Format the final encrypted string to be returned depending on specified format.
# File lib/serket/field_encrypter.rb, line 55 def parse(iv, encrypted_key, encrypted_text) case @format when :delimited [iv, field_delimiter, encrypted_key, field_delimiter, encrypted_text].join('') when :json hash = {} hash['iv'] = iv hash['key'] = encrypted_key hash['message'] = encrypted_text hash.to_json end end