Module: Pindo::AESHelper

Defined in:: lib/pindo/base/aeshelper.rb

Class Method Summary collapse

.aes_128_ecb_decrypt(key, decrypted_string) ⇒ Object
.aes_128_ecb_encrypt(key, encrypted_string) ⇒ Object
.decrypt_specific_file(src_file: nil, password: nil, output_dir: nil, hash_algorithm: "MD5") ⇒ Object

The encryption parameters in this implementations reflect the old behavior which depended on the users’ local OpenSSL version 1.0.x OpenSSL and earlier versions use MD5, 1.1.0c and newer uses SHA256, we try both before giving an error.
.delete_password(keychain_name: nil) ⇒ Object
.encrypt_specific_file(src_file: nil, password: nil, output_dir: nil) ⇒ Object
.fetch_password(keychain_name: nil) ⇒ Object
.store_password(keychain_name: nil, password: nil) ⇒ Object

Class Method Details

.aes_128_ecb_decrypt(key, decrypted_string) ⇒ `Object`

# File 'lib/pindo/base/aeshelper.rb', line 45

def self.aes_128_ecb_decrypt(key, decrypted_string)
  cipher = OpenSSL::Cipher.new("AES-128-ECB")
  cipher.decrypt
  cipher.key = key
  text = cipher.update(Base64.strict_decode64(decrypted_string)) + cipher.final
  return text
end

.aes_128_ecb_encrypt(key, encrypted_string) ⇒ `Object`

# File 'lib/pindo/base/aeshelper.rb', line 36

def self.aes_128_ecb_encrypt(key, encrypted_string)
  cipher = OpenSSL::Cipher::Cipher.new('AES-128-ECB')
  cipher.encrypt
  cipher.key = key
  txt = cipher.update(encrypted_string) << cipher.final
  content =  Base64.strict_encode64(txt)
  return content
end

.decrypt_specific_file(src_file: nil, password: nil, output_dir: nil, hash_algorithm: "MD5") ⇒ `Object`

The encryption parameters in this implementations reflect the old behavior which depended on the users’ local OpenSSL version 1.0.x OpenSSL and earlier versions use MD5, 1.1.0c and newer uses SHA256, we try both before giving an error

# File 'lib/pindo/base/aeshelper.rb', line 76

def self.decrypt_specific_file(src_file: nil, password: nil, output_dir: nil, hash_algorithm: "MD5")
  
  begin 
    stored_data = Base64.decode64(File.read(src_file))
    salt = stored_data[8..15]
    data_to_decrypt = stored_data[16..-1]

    decipher = ::OpenSSL::Cipher.new('AES-256-CBC')
    decipher.decrypt
    decipher.pkcs5_keyivgen(password, salt, 1, hash_algorithm)

    decrypted_data = decipher.update(data_to_decrypt) + decipher.final
    destfile = File.join(output_dir, File.basename(src_file))
    File.binwrite(destfile, decrypted_data)
    return destfile
  rescue => error
    fallback_hash_algorithm = "SHA256"
    if hash_algorithm != fallback_hash_algorithm
      decrypt_specific_file(src_file: src_file, password: password, hash_algorithm: fallback_hash_algorithm)
    else
      Funlog.instance.fancyinfo_error("解析文件失败: #{src_file}")
      return nil
    end
  end
end

.delete_password(keychain_name: nil) ⇒ `Object`

# File 'lib/pindo/base/aeshelper.rb', line 25

def self.delete_password(keychain_name:nil)
  server_name = ["match", keychain_name].join("_")
  Security::InternetPassword.delete(server:server_name)
end

.encrypt_specific_file(src_file: nil, password: nil, output_dir: nil) ⇒ `Object`

# File 'lib/pindo/base/aeshelper.rb', line 54

def self.encrypt_specific_file(src_file: nil, password: nil, output_dir: nil)
  UI.user_error!("No password supplied") if password.to_s.strip.length == 0

  data_to_encrypt = File.binread(path)
  salt = SecureRandom.random_bytes(8)

  # The :: is important, as there is a name clash
  cipher = ::OpenSSL::Cipher.new('AES-256-CBC')
  cipher.encrypt
  cipher.pkcs5_keyivgen(password, salt, 1, "MD5")
  encrypted_data = "Salted__" + salt + cipher.update(data_to_encrypt) + cipher.final

  destfile = File.join(output_dir, File.basename(src_file))
  File.write(destfile, Base64.encode64(encrypted_data))
  return destfile
rescue error
  puts path
  raise Informative, error
end

.fetch_password(keychain_name: nil) ⇒ `Object`

# File 'lib/pindo/base/aeshelper.rb', line 9

def self.fetch_password(keychain_name:nil)
  # password = ENV["MATCH_PASSWORD"]

  server_name = ["match", keychain_name].join("_")

  item = Security::InternetPassword.find(server: server_name)

  password = item.password if item

  unless password
      password = FastlaneCore::Helper.ask_password(message: "请输入证书仓库的加密密码: ", confirm: true)
      Security::InternetPassword.add(server_name, "", password)     
  end
  return password
end

.store_password(keychain_name: nil, password: nil) ⇒ `Object`

# File 'lib/pindo/base/aeshelper.rb', line 30

def self.store_password(keychain_name:nil, password:nil)
  server_name = ["match", keychain_name].join("_")
  Security::InternetPassword.add(server_name, "", password)
end

Module: Pindo::AESHelper

Class Method Summary collapse

Class Method Details

.aes_128_ecb_decrypt(key, decrypted_string) ⇒ Object

.aes_128_ecb_encrypt(key, encrypted_string) ⇒ Object

.decrypt_specific_file(src_file: nil, password: nil, output_dir: nil, hash_algorithm: "MD5") ⇒ Object

.delete_password(keychain_name: nil) ⇒ Object

.encrypt_specific_file(src_file: nil, password: nil, output_dir: nil) ⇒ Object

.fetch_password(keychain_name: nil) ⇒ Object