Module: Redmine::Ciphering

Included in:

AuthSource, Repository, User

Defined in:

lib/redmine/ciphering.rb

Defined Under Namespace

Modules: ClassMethods

Class Method Summary

• .cipher_key ⇒ Object
• .decrypt_text(text) ⇒ Object
• .encrypt_text(text) ⇒ Object
• .included(base) ⇒ Object
• .logger ⇒ Object

Class Method Details

.cipher_key ⇒ Object

# File 'lib/redmine/ciphering.rb', line 61

def cipher_key
  key = Redmine::Configuration['database_cipher_key'].to_s
  key.blank? ? nil : Digest::SHA256.hexdigest(key)[0..31]
end

.decrypt_text(text) ⇒ Object

# File 'lib/redmine/ciphering.rb', line 42

def decrypt_text(text)
  if text && match = text.match(/\Aaes-256-cbc:(.+)\Z/)
    if cipher_key.blank?
      logger.error "Attempt to decrypt a ciphered text with no cipher key configured in config/configuration.yml" if logger
      return text
    end
    text = match[1]
    c = OpenSSL::Cipher.new("aes-256-cbc")
    e, iv = text.split("--").map {|s| Base64.decode64(s)}
    c.decrypt
    c.key = cipher_key
    c.iv = iv
    d = c.update(e)
    d << c.final
  else
    text
  end
end

.encrypt_text(text) ⇒ Object

# File 'lib/redmine/ciphering.rb', line 27

def encrypt_text(text)
  if cipher_key.blank? || text.blank?
    text
  else
    c = OpenSSL::Cipher.new("aes-256-cbc")
    iv = c.random_iv
    c.encrypt
    c.key = cipher_key
    c.iv = iv
    e = c.update(text.to_s)
    e << c.final
    "aes-256-cbc:" + [e, iv].map {|v| Base64.strict_encode64(v)}.join('--')
  end
end

.included(base) ⇒ Object

# File 'lib/redmine/ciphering.rb', line 22

def self.included(base)
  base.extend ClassMethods
end

.logger ⇒ Object

# File 'lib/redmine/ciphering.rb', line 66

def logger
  Rails.logger
end