Sha256: f23fcf94e4e92e538193d9e5e9dc19e856be31aa84a6f0617400fbcec05f8e09

Contents?: true

Size: 1.75 KB

Versions: 48

Compression:

Stored size: 1.75 KB

Contents

require "openssl"

module Authlogic
  module CryptoProviders
    # This encryption method is reversible if you have the supplied key. So in order to use this encryption method you must supply it with a key first.
    # In an initializer, or before your application initializes, you should do the following:
    #
    #   Authlogic::CryptoProviders::AES256.key = "my really long and unique key, preferrably a bunch of random characters"
    #
    # My final comment is that this is a strong encryption method, but its main weakness is that its reversible. If you do not need to reverse the hash
    # then you should consider Sha512 or BCrypt instead.
    #
    # Keep your key in a safe place, some even say the key should be stored on a separate server.
    # This won't hurt performance because the only time it will try and access the key on the separate server is during initialization, which only
    # happens once. The reasoning behind this is if someone does compromise your server they won't have the key also. Basically, you don't want to
    # store the key with the lock.
    class AES256
      class << self
        attr_writer :key

        def encrypt(*tokens)
          aes.encrypt
          aes.key = @key
          [aes.update(tokens.join) + aes.final].pack("m").chomp
        end

        def matches?(crypted, *tokens)
          aes.decrypt
          aes.key = @key
          (aes.update(crypted.unpack("m").first) + aes.final) == tokens.join
        rescue OpenSSL::CipherError
          false
        end

        private
          def aes
            raise ArgumentError.new("You must provide a key like #{name}.key = my_key before using the #{name}") if @key.blank?
            @aes ||= OpenSSL::Cipher::Cipher.new("AES-256-ECB")
          end
      end
    end
  end
end

Version data entries

48 entries across 48 versions & 8 rubygems

Version Path
synapses-cas-0.1.3 lib/casserver/authenticators/authlogic_crypto_providers/aes256.rb
synapses-cas-0.1.2 lib/casserver/authenticators/authlogic_crypto_providers/aes256.rb
synapses-cas-0.1.1 lib/casserver/authenticators/authlogic_crypto_providers/aes256.rb
synapses-cas-0.1.0 lib/casserver/authenticators/authlogic_crypto_providers/aes256.rb
bmedia-casserver-1.1.3 lib/casserver/authenticators/authlogic_crypto_providers/aes256.rb
bmedia-casserver-1.1.2 lib/casserver/authenticators/authlogic_crypto_providers/aes256.rb
bmedia-casserver-1.1.1 lib/casserver/authenticators/authlogic_crypto_providers/aes256.rb
rubycas-server-1.1.0 lib/casserver/authenticators/authlogic_crypto_providers/aes256.rb
rubycas-server-1.0.1 lib/casserver/authenticators/authlogic_crypto_providers/aes256.rb
rubycas-server-1.0 lib/casserver/authenticators/authlogic_crypto_providers/aes256.rb
uchouhan-rubycas-server-1.3.a lib/casserver/authenticators/authlogic_crypto_providers/aes256.rb
uchouhan-rubycas-server-1.2.a lib/casserver/authenticators/authlogic_crypto_providers/aes256.rb
uchouhan-rubycas-server-1.1.a lib/casserver/authenticators/authlogic_crypto_providers/aes256.rb
uchouhan-rubycas-server-1.0.a lib/casserver/authenticators/authlogic_crypto_providers/aes256.rb
refinerycms-0.9.6.34 vendor/plugins/authlogic/lib/authlogic/crypto_providers/aes256.rb
refinerycms-0.9.6.33 vendor/plugins/authlogic/lib/authlogic/crypto_providers/aes256.rb
refinerycms-0.9.6.32 vendor/plugins/authlogic/lib/authlogic/crypto_providers/aes256.rb
refinerycms-0.9.6.31 vendor/plugins/authlogic/lib/authlogic/crypto_providers/aes256.rb
refinerycms-0.9.6.30 vendor/plugins/authlogic/lib/authlogic/crypto_providers/aes256.rb
refinerycms-0.9.6.29 vendor/plugins/authlogic/lib/authlogic/crypto_providers/aes256.rb