Module: SimpleRPC::Encryption

Defined in:: lib/simplerpc/encryption.rb

Overview

Handles openssl-based encryption of authentication details

The auth system used is not terribly secure, but will guard against casual attackers. If you are particularly concerned, turn it off and use SSH tunnels.

Constant Summary collapse

CIPHER_STRENGTH = How strong to make the AES encryption

Class Method Summary collapse

.decrypt(raw, secret, salt) ⇒ Object

Decrypt data.
.encrypt(password, secret, salt) ⇒ Object

Encrypt data.
.salt_key(salt, key) ⇒ Object

Salt a key by simply adding the two together.

Class Method Details

.decrypt(raw, secret, salt) ⇒ `Object`

Decrypt data

# File 'lib/simplerpc/encryption.rb', line 27

def self.decrypt(raw, secret, salt)
    # Decrypt raw input
    decipher      = OpenSSL::Cipher::AES.new(CIPHER_STRENGTH, :CBC)
    decipher.decrypt
    decipher.key  = salt_key(salt, secret)
    return decipher.update(raw) + decipher.final
end

.encrypt(password, secret, salt) ⇒ `Object`

Encrypt data

# File 'lib/simplerpc/encryption.rb', line 18

def self.encrypt(password, secret, salt)
    # Encrypt with salted key
    cipher         = OpenSSL::Cipher::AES.new(CIPHER_STRENGTH, :CBC)
    cipher.encrypt
    cipher.key     = salt_key(salt, secret)
    return cipher.update(password) + cipher.final
end

.salt_key(salt, key) ⇒ `Object`

Salt a key by simply adding the two together

# File 'lib/simplerpc/encryption.rb', line 37

def self.salt_key(salt, key)
  return salt.encode('ASCII-8BIT', :undef => :replace, :invalid => :replace) + 
          key.encode('ASCII-8BIT', :undef => :replace, :invalid => :replace)
end