GitList

app/libs/security.rb

882090fc

 require 'bcrypt'
 
 module Security
     mattr_reader :cipher_iv, :cipher_key
 
     def self.encrypt(unencrypted_message, password = nil)
         cipher = OpenSSL::Cipher::Cipher.new('aes-256-cbc')
         cipher.encrypt()
 
         pass = password ? password : generate_token()
         cipher.key = @@cipher_key = Digest::SHA1.hexdigest(pass)
         cipher.iv  = @@cipher_iv  = cipher.random_iv
 
         encrypted = cipher.update(unencrypted_message)
         encrypted << cipher.final
     end
 
     def self.decrypt(encrypted_message, key, iv)
         cipher = OpenSSL::Cipher::Cipher.new('aes-256-cbc')
         cipher.decrypt()
 
         cipher.key = @@cipher_key = key
         cipher.iv  = @@cipher_iv = iv

83b96cf7

         begin
             decrypted = cipher.update(encrypted_message)
             decrypted << cipher.final
         rescue
             decrypted = ''
         end
 
         decrypted

882090fc

     end
 
     def self.generate_token()
         BCrypt::Engine.generate_salt()
     end
 
     def self.save_cookies
         cookies[:key] = @@cipher_key
         cookies[:iv]  = @@cipher_iv
     end
 end