class StoreAgent::DataEncoder::OpensslAes256CbcEncoder
データを OpenSSL AES-256-CBC で暗号化して保存するためのエンコーダ
StoreAgent.configure do |c| c.storage_data_encoders = [StoreAgent::DataEncoder::OpensslAes256CbcEncoder] end
暗号化にパスワードを使用する場合、環境変数で指定する
$ env STORE_AGENT_DATA_ENCODER_PASSWORD=password ruby-command
指定が無い場合には空文字列をパスワードとして使用する
Public Instance Methods
decode(encrypted_data, password: @password, **_)
click to toggle source
Calls superclass method
StoreAgent::DataEncoder#decode
# File lib/store_agent/data_encoder/openssl_aes_256_cbc_encoder.rb, line 41 def decode(encrypted_data, password: @password, **_) super do @encryptor.decrypt encrypted_data.force_encoding("ASCII-8BIT") salt = encrypted_data[8..15] data = encrypted_data[16..-1] crypt(data: data, password: password, salt: salt) end end
encode(data, password: @password, **_)
click to toggle source
Calls superclass method
StoreAgent::DataEncoder#encode
# File lib/store_agent/data_encoder/openssl_aes_256_cbc_encoder.rb, line 32 def encode(data, password: @password, **_) super do @encryptor.encrypt salt = OpenSSL::Random.random_bytes(8) encrypted_data = crypt(data: data, password: password, salt: salt) "Salted__#{salt}#{encrypted_data}" end end
Private Instance Methods
crypt(data: "", password: "", salt: "")
click to toggle source
# File lib/store_agent/data_encoder/openssl_aes_256_cbc_encoder.rb, line 53 def crypt(data: "", password: "", salt: "") md5_base = "#{password}#{salt}".force_encoding("ASCII-8BIT") md5_digest1 = OpenSSL::Digest::MD5.new(md5_base).digest md5_digest2 = OpenSSL::Digest::MD5.new("#{md5_digest1}#{md5_base}").digest md5_digest3 = OpenSSL::Digest::MD5.new("#{md5_digest2}#{md5_base}").digest @encryptor.padding = 1 @encryptor.key = "#{md5_digest1}#{md5_digest2}" @encryptor.iv = md5_digest3 @encryptor.update(data) + @encryptor.final end