Module: SecurizeString::CipherMethods::ClassMethods
- Defined in:
- lib/securize_string/cipher_methods.rb
Overview
Adds class methods for OpenSSL::Cipher support, including AES encryption, via inclusion of SecurizeString::CipherMethods into a class.
Instance Method Summary collapse
-
#aes_keygen(key_len = 256) ⇒ Object
A convenience method for generating a random key and init vector for AES encryption.
-
#aes_passphrase_keygen(key_len, passphrase, salt, iterations = 2048) ⇒ Object
A convenience method for generating a key and init vector from a passphrase for AES encryption.
-
#cipher_keygen(cipher_name) ⇒ Object
A convenience method for generating random cipher keys and initialization vectors.
-
#cipher_passphrase_keygen(cipher_name, passphrase, salt, iterations = 2048) ⇒ Object
A convenience method for generating a cipher key from a passphrase using PKCS5 v2 standards.
-
#supported_ciphers ⇒ Object
Returns a list of supported ciphers.
Instance Method Details
#aes_keygen(key_len = 256) ⇒ Object
A convenience method for generating a random key and init vector for AES encryption.
Defaults to a key length of 256.
54 55 56 |
# File 'lib/securize_string/cipher_methods.rb', line 54 def aes_keygen(key_len=256) return cipher_keygen("aes-#{key_len.to_i}-cbc") end |
#aes_passphrase_keygen(key_len, passphrase, salt, iterations = 2048) ⇒ Object
A convenience method for generating a key and init vector from a passphrase for AES encryption.
Defaults to a key length of 256.
62 63 64 |
# File 'lib/securize_string/cipher_methods.rb', line 62 def aes_passphrase_keygen(key_len, passphrase, salt, iterations=2048) return cipher_passphrase_keygen("aes-#{key_len.to_i}-cbc", passphrase, salt, iterations) end |
#cipher_keygen(cipher_name) ⇒ Object
A convenience method for generating random cipher keys and initialization vectors.
25 26 27 28 29 |
# File 'lib/securize_string/cipher_methods.rb', line 25 def cipher_keygen(cipher_name) cipher = OpenSSL::Cipher.new(cipher_name) cipher.encrypt return [cipher.random_key, cipher.random_iv].map {|s| self.new(s)} end |
#cipher_passphrase_keygen(cipher_name, passphrase, salt, iterations = 2048) ⇒ Object
A convenience method for generating a cipher key from a passphrase using PKCS5 v2 standards. The key and the salt may be any string.
This also derives a predictable initialization vector from the given passphrase in a manor consistent with RFC2898, though it is better to generate a random IV with each encryption of the same data if possible.
Note that the OpenSSL::Cipher#pkcs5_keyivgen method is not PKCS5 v2 compliant, and therefore will not be implemented.
40 41 42 43 44 45 46 47 48 |
# File 'lib/securize_string/cipher_methods.rb', line 40 def cipher_passphrase_keygen(cipher_name, passphrase, salt, iterations=2048) # The first pits of a PBKDF2 are the same wether I build the key and IV # at once, but when an IV is built in the RFC2898 standards, they do it # this way. cipher = OpenSSL::Cipher.new(cipher_name.to_s) cipher.encrypt key_and_iv = OpenSSL::PKCS5.pbkdf2_hmac_sha1(passphrase.to_s, salt.to_s, iterations.to_i, cipher.key_len+cipher.iv_len) return [key_and_iv[0,cipher.key_len], key_and_iv[cipher.key_len, cipher.iv_len]].map {|s| self.new(s)} end |
#supported_ciphers ⇒ Object
Returns a list of supported ciphers. These can be passed directly into the cipher methods.
19 20 21 |
# File 'lib/securize_string/cipher_methods.rb', line 19 def supported_ciphers return OpenSSL::Cipher.ciphers end |