ossl_cryptor 0.3.0 → 0.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/ossl_cryptor/cryptor.rb +138 -0
- data/lib/ossl_cryptor/version.rb +1 -1
- data/lib/ossl_cryptor.rb +1 -132
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f39199a57423f99db8654d6d98384c3f5bad8e68
|
|
4
|
+
data.tar.gz: 8fed59bb734c911b55f2eb6bd227e83ecc53f187
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: cda7135b25b14f567eaaef75f75cb9cabcfaadc909929c415cc94b994b4962ab5f941cb7eb2964c2fa84e05b3cad4ac0555d9d6c64d1e1d09169f3485b418ec4
|
|
7
|
+
data.tar.gz: 9551a5ce4aff8fa6e082556b101f73b373a903e829ab18384beb9e706714f74bafb92508c1a24c2cb47b457694ff7869242dd0692e348a35537ca53cb31f0e04
|
|
@@ -0,0 +1,138 @@
|
|
|
1
|
+
require "ossl_cryptor/generator"
|
|
2
|
+
require "base64"
|
|
3
|
+
require "openssl"
|
|
4
|
+
|
|
5
|
+
# openssl crypt module
|
|
6
|
+
module OsslCryptor
|
|
7
|
+
|
|
8
|
+
# Crypt class
|
|
9
|
+
class Cryptor
|
|
10
|
+
|
|
11
|
+
# constructor.
|
|
12
|
+
# @param [String] mode cipher mode.
|
|
13
|
+
# @param [Hash] key_iv key and iv. key_iv[:key] = key, key_iv[:iv] = iv
|
|
14
|
+
# @param [String] pass password
|
|
15
|
+
# @param [String] salt salt data. if salt is nil, use random salt.
|
|
16
|
+
# @param [String] key_iv_hash use hash algorithm when key and iv generate.
|
|
17
|
+
def initialize(mode, key_iv=nil, pass=nil, salt=nil, key_iv_hash=nil)
|
|
18
|
+
|
|
19
|
+
# if invalid mode, raise error.
|
|
20
|
+
if (AES != mode) && (DES != mode)
|
|
21
|
+
raise OpenSSL::Cipher::CipherError "invalid mode : #{mode}"
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
# generate cipher instance.
|
|
25
|
+
@cipher = OsslCryptor::Generator.generate_cipher(mode)
|
|
26
|
+
# set initialize parameter and generate key, iv
|
|
27
|
+
@mode = mode
|
|
28
|
+
@pass = pass.nil? ? OsslCryptor::Generator::DEFAULT_PASS : pass
|
|
29
|
+
@salt = salt
|
|
30
|
+
@key_iv_hash = key_iv_hash.nil? ? OsslCryptor::Generator::DEFAULT_KEY_IV_HASH : key_iv_hash
|
|
31
|
+
@key_iv = key_iv.nil? ? generate_key_iv(@mode, @pass, @salt, @key_iv_hash) : key_iv
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
# reset cipher instance.
|
|
35
|
+
def reset
|
|
36
|
+
@cipher = OsslCryptor::Generator.generate_cipher(@mode)
|
|
37
|
+
@key_iv = generate_key_iv(@mode, @pass, @salt, @key_iv_hash) if @key_iv.nil?
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
# encrypt value.
|
|
41
|
+
# @param [String] value encrypt value.
|
|
42
|
+
# @param [boolean] encode_base64 encode base64 flag.
|
|
43
|
+
# @return [String] encrypt result value.
|
|
44
|
+
def encrypt(value, encode_base64=true)
|
|
45
|
+
|
|
46
|
+
# prepare encrypt.
|
|
47
|
+
@cipher.encrypt
|
|
48
|
+
set_key_iv
|
|
49
|
+
|
|
50
|
+
# encrypt.
|
|
51
|
+
encrypt_value = ""
|
|
52
|
+
encrypt_value << @cipher.update(value)
|
|
53
|
+
encrypt_value << @cipher.final
|
|
54
|
+
|
|
55
|
+
# encode base64.
|
|
56
|
+
if encode_base64
|
|
57
|
+
encrypt_value = Base64.encode64(encrypt_value)
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
encrypt_value
|
|
61
|
+
end
|
|
62
|
+
|
|
63
|
+
# decrypt value.
|
|
64
|
+
# @param [String] value decrypt value.
|
|
65
|
+
# @param [boolean] decode_base64 decode base64 flag.
|
|
66
|
+
# @return [String] decrypt result value.
|
|
67
|
+
def decrypt(value, decode_base64=true)
|
|
68
|
+
|
|
69
|
+
# prepare decrypt.
|
|
70
|
+
@cipher.decrypt
|
|
71
|
+
set_key_iv
|
|
72
|
+
|
|
73
|
+
# decode base64.
|
|
74
|
+
if decode_base64
|
|
75
|
+
value = Base64.decode64(value)
|
|
76
|
+
end
|
|
77
|
+
|
|
78
|
+
# decrypt.
|
|
79
|
+
decrypt_value = ""
|
|
80
|
+
decrypt_value << @cipher.update(value)
|
|
81
|
+
decrypt_value << @cipher.final
|
|
82
|
+
decrypt_value
|
|
83
|
+
end
|
|
84
|
+
|
|
85
|
+
# get crypt mode.
|
|
86
|
+
# @return [String] mode
|
|
87
|
+
def mode
|
|
88
|
+
@mode
|
|
89
|
+
end
|
|
90
|
+
|
|
91
|
+
# get key and iv.
|
|
92
|
+
# @return [Hash] key and iv. key_iv[:key] = key, key_iv[:iv] = iv
|
|
93
|
+
def key_iv
|
|
94
|
+
@key_iv
|
|
95
|
+
end
|
|
96
|
+
|
|
97
|
+
private
|
|
98
|
+
|
|
99
|
+
# generate cipher key and iv.
|
|
100
|
+
# @param [String] mode crypt mode.
|
|
101
|
+
# @param [String] pass password, if pass = nil, use OsslCryptor::Generator::DEFAULT_PASS
|
|
102
|
+
# @param [String] salt salt data. if salt = nil, use random salt.
|
|
103
|
+
# @param [String] hash use hash algorithm when key and iv generate. if key_iv_hash = nil, use OsslCryptor::Generator::DEFAULT_KEY_IV_HASH
|
|
104
|
+
# @return [Hash] key and iv hash.
|
|
105
|
+
def generate_key_iv(mode, pass=nil, salt=nil, hash=nil)
|
|
106
|
+
|
|
107
|
+
salt = salt.nil? ? get_default_salt(mode) : salt
|
|
108
|
+
key_iv_str = OpenSSL::PKCS5.pbkdf2_hmac(pass, salt, 2000, (@cipher.key_len + @cipher.iv_len), hash)
|
|
109
|
+
key = key_iv_str[0, @cipher.key_len]
|
|
110
|
+
iv = key_iv_str[@cipher.key_len, @cipher.iv_len]
|
|
111
|
+
cipher_key_iv = { key: key, iv: iv }
|
|
112
|
+
|
|
113
|
+
cipher_key_iv
|
|
114
|
+
end
|
|
115
|
+
|
|
116
|
+
# get default salt depend on mode.
|
|
117
|
+
# @param [String] mode cipher mode.
|
|
118
|
+
# @return [String] default salt.
|
|
119
|
+
def get_default_salt(mode)
|
|
120
|
+
|
|
121
|
+
default_salt = nil
|
|
122
|
+
|
|
123
|
+
if mode == AES
|
|
124
|
+
default_salt = OpenSSL::Random.random_bytes(8)
|
|
125
|
+
elsif mode == DES
|
|
126
|
+
default_salt = OpenSSL::Random.random_bytes(2)
|
|
127
|
+
end
|
|
128
|
+
|
|
129
|
+
default_salt
|
|
130
|
+
end
|
|
131
|
+
|
|
132
|
+
# set key and iv to cipher instance.
|
|
133
|
+
def set_key_iv
|
|
134
|
+
@cipher.key = @key_iv[:key]
|
|
135
|
+
@cipher.iv = @key_iv[:iv]
|
|
136
|
+
end
|
|
137
|
+
end
|
|
138
|
+
end
|
data/lib/ossl_cryptor/version.rb
CHANGED
data/lib/ossl_cryptor.rb
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
require "ossl_cryptor/version"
|
|
2
|
+
require "ossl_cryptor/cryptor"
|
|
2
3
|
require "ossl_cryptor/generator"
|
|
3
4
|
require "base64"
|
|
4
5
|
require "openssl"
|
|
@@ -11,138 +12,6 @@ module OsslCryptor
|
|
|
11
12
|
# AES Mode.
|
|
12
13
|
AES = "AES-256-CBC"
|
|
13
14
|
|
|
14
|
-
# Crypt class
|
|
15
|
-
class Cryptor
|
|
16
|
-
|
|
17
|
-
# constructor.
|
|
18
|
-
# @param [String] mode cipher mode.
|
|
19
|
-
# @param [Hash] key_iv key and iv. key_iv[:key] = key, key_iv[:iv] = iv
|
|
20
|
-
# @param [String] pass password
|
|
21
|
-
# @param [String] salt salt data. if salt is nil, use random salt.
|
|
22
|
-
# @param [String] key_iv_hash use hash algorithm when key and iv generate.
|
|
23
|
-
def initialize(mode, key_iv=nil, pass=nil, salt=nil, key_iv_hash=nil)
|
|
24
|
-
|
|
25
|
-
# if invalid mode, raise error.
|
|
26
|
-
if (AES != mode) && (DES != mode)
|
|
27
|
-
raise OpenSSL::Cipher::CipherError "invalid mode : #{mode}"
|
|
28
|
-
end
|
|
29
|
-
|
|
30
|
-
# generate cipher instance.
|
|
31
|
-
@cipher = OsslCryptor::Generator.generate_cipher(mode)
|
|
32
|
-
# set initialize parameter and generate key, iv
|
|
33
|
-
@mode = mode
|
|
34
|
-
@pass = pass.nil? ? OsslCryptor::Generator::DEFAULT_PASS : pass
|
|
35
|
-
@salt = salt
|
|
36
|
-
@key_iv_hash = key_iv_hash.nil? ? OsslCryptor::Generator::DEFAULT_KEY_IV_HASH : key_iv_hash
|
|
37
|
-
@key_iv = key_iv.nil? ? generate_key_iv(@mode, @pass, @salt, @key_iv_hash) : key_iv
|
|
38
|
-
end
|
|
39
|
-
|
|
40
|
-
# reset cipher instance.
|
|
41
|
-
def reset
|
|
42
|
-
@cipher = OsslCryptor::Generator.generate_cipher(@mode)
|
|
43
|
-
@key_iv = generate_key_iv(@mode, @pass, @salt, @key_iv_hash) if @key_iv.nil?
|
|
44
|
-
end
|
|
45
|
-
|
|
46
|
-
# encrypt value.
|
|
47
|
-
# @param [String] value encrypt value.
|
|
48
|
-
# @param [boolean] encode_base64 encode base64 flag.
|
|
49
|
-
# @return [String] encrypt result value.
|
|
50
|
-
def encrypt(value, encode_base64=true)
|
|
51
|
-
|
|
52
|
-
# prepare encrypt.
|
|
53
|
-
@cipher.encrypt
|
|
54
|
-
set_key_iv
|
|
55
|
-
|
|
56
|
-
# encrypt.
|
|
57
|
-
encrypt_value = ""
|
|
58
|
-
encrypt_value << @cipher.update(value)
|
|
59
|
-
encrypt_value << @cipher.final
|
|
60
|
-
|
|
61
|
-
# encode base64.
|
|
62
|
-
if encode_base64
|
|
63
|
-
encrypt_value = Base64.encode64(encrypt_value)
|
|
64
|
-
end
|
|
65
|
-
|
|
66
|
-
encrypt_value
|
|
67
|
-
end
|
|
68
|
-
|
|
69
|
-
# decrypt value.
|
|
70
|
-
# @param [String] value decrypt value.
|
|
71
|
-
# @param [boolean] decode_base64 decode base64 flag.
|
|
72
|
-
# @return [String] decrypt result value.
|
|
73
|
-
def decrypt(value, decode_base64=true)
|
|
74
|
-
|
|
75
|
-
# prepare decrypt.
|
|
76
|
-
@cipher.decrypt
|
|
77
|
-
set_key_iv
|
|
78
|
-
|
|
79
|
-
# decode base64.
|
|
80
|
-
if decode_base64
|
|
81
|
-
value = Base64.decode64(value)
|
|
82
|
-
end
|
|
83
|
-
|
|
84
|
-
# decrypt.
|
|
85
|
-
decrypt_value = ""
|
|
86
|
-
decrypt_value << @cipher.update(value)
|
|
87
|
-
decrypt_value << @cipher.final
|
|
88
|
-
decrypt_value
|
|
89
|
-
end
|
|
90
|
-
|
|
91
|
-
# get crypt mode.
|
|
92
|
-
# @return [String] mode
|
|
93
|
-
def mode
|
|
94
|
-
@mode
|
|
95
|
-
end
|
|
96
|
-
|
|
97
|
-
# get key and iv.
|
|
98
|
-
# @return [Hash] key and iv. key_iv[:key] = key, key_iv[:iv] = iv
|
|
99
|
-
def key_iv
|
|
100
|
-
@key_iv
|
|
101
|
-
end
|
|
102
|
-
|
|
103
|
-
private
|
|
104
|
-
|
|
105
|
-
# generate cipher key and iv.
|
|
106
|
-
# @param [String] mode crypt mode.
|
|
107
|
-
# @param [String] pass password, if pass = nil, use OsslCryptor::Generator::DEFAULT_PASS
|
|
108
|
-
# @param [String] salt salt data. if salt = nil, use random salt.
|
|
109
|
-
# @param [String] hash use hash algorithm when key and iv generate. if key_iv_hash = nil, use OsslCryptor::Generator::DEFAULT_KEY_IV_HASH
|
|
110
|
-
# @return [Hash] key and iv hash.
|
|
111
|
-
def generate_key_iv(mode, pass=nil, salt=nil, hash=nil)
|
|
112
|
-
|
|
113
|
-
salt = salt.nil? ? get_default_salt(mode) : salt
|
|
114
|
-
key_iv_str = OpenSSL::PKCS5.pbkdf2_hmac(pass, salt, 2000, (@cipher.key_len + @cipher.iv_len), hash)
|
|
115
|
-
key = key_iv_str[0, @cipher.key_len]
|
|
116
|
-
iv = key_iv_str[@cipher.key_len, @cipher.iv_len]
|
|
117
|
-
cipher_key_iv = { key: key, iv: iv }
|
|
118
|
-
|
|
119
|
-
cipher_key_iv
|
|
120
|
-
end
|
|
121
|
-
|
|
122
|
-
# get default salt depend on mode.
|
|
123
|
-
# @param [String] mode cipher mode.
|
|
124
|
-
# @return [String] default salt.
|
|
125
|
-
def get_default_salt(mode)
|
|
126
|
-
|
|
127
|
-
default_salt = nil
|
|
128
|
-
|
|
129
|
-
if mode == AES
|
|
130
|
-
default_salt = OpenSSL::Random.random_bytes(8)
|
|
131
|
-
elsif mode == DES
|
|
132
|
-
default_salt = OpenSSL::Random.random_bytes(2)
|
|
133
|
-
end
|
|
134
|
-
|
|
135
|
-
default_salt
|
|
136
|
-
end
|
|
137
|
-
|
|
138
|
-
# set key and iv to cipher instance.
|
|
139
|
-
def set_key_iv
|
|
140
|
-
@cipher.key = @key_iv[:key]
|
|
141
|
-
@cipher.iv = @key_iv[:iv]
|
|
142
|
-
end
|
|
143
|
-
end
|
|
144
|
-
|
|
145
|
-
# get available crypt mode.
|
|
146
15
|
# @return [String] availabe cipher.
|
|
147
16
|
def self.available
|
|
148
17
|
"#{AES}, #{DES}"
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: ossl_cryptor
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.3.
|
|
4
|
+
version: 0.3.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- h.shigemoto
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2016-07-
|
|
11
|
+
date: 2016-07-03 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -70,6 +70,7 @@ files:
|
|
|
70
70
|
- bin/console
|
|
71
71
|
- bin/setup
|
|
72
72
|
- lib/ossl_cryptor.rb
|
|
73
|
+
- lib/ossl_cryptor/cryptor.rb
|
|
73
74
|
- lib/ossl_cryptor/generator.rb
|
|
74
75
|
- lib/ossl_cryptor/version.rb
|
|
75
76
|
- ossl_cryptor.gemspec
|