app/libs/security.rb
882090fc
 require 'bcrypt'
 
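 # Symmetric encryption helpers built on AES-256-CBC.
 #
 # The key and IV used by the most recent encrypt/decrypt call are kept in
 # module-level class variables and exposed through the +cipher_key+ and
 # +cipher_iv+ readers.
 #
 # NOTE(review): @@cipher_key / @@cipher_iv are shared by every caller in the
 # process. Under a threaded server, concurrent calls can overwrite each other,
 # so a later save_cookies may persist a key/IV that belongs to a different
 # request. Returning the key and IV to the caller would avoid this, but it
 # changes the interface, so it is only flagged here.
 #
 # NOTE(review): CBC provides confidentiality only. Nothing in this module
 # authenticates the ciphertext, so tampering is not detected before the
 # padding check. An AEAD mode (e.g. AES-256-GCM) or encrypt-then-MAC would
 # close that gap; both change the ciphertext format and need a migration.
 module Security
     mattr_reader :cipher_iv, :cipher_key

     # Encrypts +unencrypted_message+ with AES-256-CBC under a fresh random IV.
     #
     # @param unencrypted_message [String] plaintext to encrypt
     # @param password [String, nil] secret the key is derived from; when nil a
     #   random token from generate_token is used instead
     # @return [String] raw ciphertext bytes (the IV is not included; read it
     #   from Security.cipher_iv)
     #
     # Side effect: records the derived key and the IV in @@cipher_key and
     # @@cipher_iv.
     def self.encrypt(unencrypted_message, password = nil)
         # OpenSSL::Cipher::Cipher is a deprecated alias; OpenSSL::Cipher is the
         # supported constructor.
         cipher = OpenSSL::Cipher.new('aes-256-cbc')
         cipher.encrypt

         secret = password || generate_token

         # AES-256 needs exactly 32 key bytes, but a SHA-1 hex digest is 40
         # characters. Older OpenSSL bindings silently used the first 32 bytes;
         # current ones raise ArgumentError. Truncating explicitly keeps the
         # historical key material and works on both.
         #
         # NOTE(review): this is an unsalted, single-pass SHA-1 of the password,
         # and 32 hex characters carry at most 128 bits. For user-chosen
         # passwords a salted KDF such as OpenSSL::PKCS5.pbkdf2_hmac is the usual
         # choice; not changed here because callers may recompute the key from
         # the password themselves - confirm before migrating.
         derived_key = Digest::SHA1.hexdigest(secret)[0, cipher.key_len]

         cipher.key = @@cipher_key = derived_key
         cipher.iv  = @@cipher_iv  = cipher.random_iv

         cipher.update(unencrypted_message) + cipher.final
     end

     # Decrypts an AES-256-CBC ciphertext produced by encrypt.
     #
     # @param encrypted_message [String] raw ciphertext bytes
     # @param key [String] key as exposed by Security.cipher_key; only the
     #   first 32 bytes are used, so 40-character keys stored by earlier
     #   versions remain usable
     # @param iv [String] the IV used for encryption
     # @return [String] the decrypted plaintext
     # @raise [OpenSSL::Cipher::CipherError] from cipher.final when the padding
     #   is invalid (wrong key/IV or modified ciphertext)
     #
     # NOTE(review): if key, iv or the ciphertext arrive from the client, do not
     # let the caller expose whether the failure was a padding error; report
     # one generic failure for every decryption problem.
     #
     # Side effect: records the key and IV in @@cipher_key and @@cipher_iv.
     def self.decrypt(encrypted_message, key, iv)
         cipher = OpenSSL::Cipher.new('aes-256-cbc')
         cipher.decrypt

         # Normalise to the cipher's key length for the same reason as in
         # encrypt; a key that is too short is still rejected by OpenSSL.
         cipher.key = @@cipher_key = key.byteslice(0, cipher.key_len)
         cipher.iv  = @@cipher_iv  = iv

         cipher.update(encrypted_message) + cipher.final
     end

     # Returns a random token used as the secret when encrypt is called
     # without a password. The token is a freshly generated bcrypt salt string.
     #
     # @return [String]
     def self.generate_token
         BCrypt::Engine.generate_salt
     end

     # Stores the most recently used key and IV in the given cookie jar.
     #
     # @param jar [#[]=] cookie jar to write to. Defaults to calling +cookies+
     #   on this module, which is the original behaviour.
     #
     # NOTE(review): nothing visible in this file defines +cookies+ on the
     # Security module, so the zero-argument form presumably raises NameError
     # unless the host application adds it; passing the controller's cookie jar
     # avoids that.
     #
     # NOTE(review): this writes the raw encryption key to the client. Anyone
     # who can read the cookie can decrypt the data it protects, and the IV is
     # raw binary that may need encoding to survive a cookie round trip.
     # Keeping the key in server-side session storage is the safer design -
     # confirm what the ciphertext is meant to be protected from.
     def self.save_cookies(jar = cookies)
         jar[:key] = @@cipher_key
         jar[:iv]  = @@cipher_iv
     end
 end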