lib/rapid-vaults/encrypt.rb in rapid-vaults-1.1.2 vs lib/rapid-vaults/encrypt.rb in rapid-vaults-1.2.0
- old
+ new
@@ -2,24 +2,29 @@
class Encrypt
# encrypts a string with openssl
def self.openssl(settings)
require 'openssl'
+ # validate key and nonce
+ raise 'The key is not a valid 32 byte key.' unless settings[:key].bytesize == 32
+ raise 'The nonce is not a valid 12 byte nonce.' unless settings[:nonce].bytesize == 12
+
# setup the encryption parameters
cipher = OpenSSL::Cipher.new('aes-256-gcm').encrypt
cipher.key = settings[:key]
cipher.iv = settings[:nonce]
cipher.auth_data = settings.key?(:pw) ? settings[:pw] : ''
# output the encryption and associated tag
- if settings[:ui] == :cli
+ case settings[:ui]
+ when :cli
# output to file
File.write("#{settings[:outdir]}encrypted.txt", cipher.update(settings[:file]) + cipher.final)
File.write("#{settings[:outdir]}tag.txt", cipher.auth_tag)
puts "Your encrypted.txt and associated tag.txt for this encryption have been generated in #{settings[:outdir]}."
- elsif settings[:ui] == :api
- # output to array
+ when :api
+ # return as array
[cipher.update(settings[:file]) + cipher.final, cipher.auth_tag]
end
end
# encrypts a string with gpgme
@@ -31,15 +36,16 @@
# setup the encryption parameters
crypto = GPGME::Crypto.new(armor: true, pinentry_mode: GPGME::PINENTRY_MODE_LOOPBACK)
# output the encryption and associated tag
- if settings[:ui] == :cli
+ case settings[:ui]
+ when :cli
# output to file
File.write("#{settings[:outdir]}encrypted.txt", crypto.encrypt(settings[:file], symmetric: true, password: settings[:pw]).read)
- puts "Your encrypted.txt for this encryption have been generated in #{settings[:outdir]}."
- elsif settings[:ui] == :api
- # output to string
+ puts "Your encrypted.txt for this encryption has been generated in #{settings[:outdir]}."
+ when :api
+ # return as string
crypto.encrypt(settings[:file], symmetric: true, password: settings[:pw]).read
end
end
end