class ManageIQ::Password::Key
Constants
- GENERATED_KEY_SIZE
Public Class Methods
generate_key(password = nil, salt = nil)
click to toggle source
# File lib/manageiq/password.rb, line 164 def self.generate_key(password = nil, salt = nil) password ||= OpenSSL::Random.random_bytes(GENERATED_KEY_SIZE) Base64.strict_encode64(Digest::SHA256.digest("#{password}#{salt}")[0, GENERATED_KEY_SIZE]) end
new(algorithm = nil, key = nil, iv = nil)
click to toggle source
# File lib/manageiq/password.rb, line 169 def initialize(algorithm = nil, key = nil, iv = nil) @algorithm = algorithm || "aes-256-cbc" @key = key || generate_key @raw_key = Base64.decode64(@key) @iv = iv @raw_iv = iv && Base64.decode64(iv) end
Public Instance Methods
decrypt(str)
click to toggle source
# File lib/manageiq/password.rb, line 185 def decrypt(str) apply(:decrypt, str) end
decrypt64(str)
click to toggle source
# File lib/manageiq/password.rb, line 189 def decrypt64(str) decrypt(Base64.decode64(str)) end
encrypt(str)
click to toggle source
# File lib/manageiq/password.rb, line 177 def encrypt(str) apply(:encrypt, str) end
encrypt64(str)
click to toggle source
# File lib/manageiq/password.rb, line 181 def encrypt64(str) Base64.strict_encode64(encrypt(str)) end
to_h()
click to toggle source
# File lib/manageiq/password.rb, line 197 def to_h { :algorithm => @algorithm, :key => @key }.tap do |h| h[:iv] = @iv if @iv end end
to_s()
click to toggle source
# File lib/manageiq/password.rb, line 193 def to_s @key end
Private Instance Methods
apply(mode, str)
click to toggle source
# File lib/manageiq/password.rb, line 213 def apply(mode, str) c = OpenSSL::Cipher.new(@algorithm) c.public_send(mode) c.key = @raw_key c.iv = @raw_iv if @raw_iv c.update(str) << c.final end
generate_key()
click to toggle source
# File lib/manageiq/password.rb, line 208 def generate_key raise "key can only be generated for the aes-256-cbc algorithm" unless @algorithm == "aes-256-cbc" self.class.generate_key end