first round of tests look okay, now we can re-use this function :-)
This commit is contained in:
cktricky
+4
-34
@@ -1,4 +1,7 @@
|
|||||||
|
require 'encryption'
|
||||||
|
|
||||||
class User < ActiveRecord::Base
|
class User < ActiveRecord::Base
|
||||||
|
|
||||||
attr_accessible :email, :admin, :first_name, :last_name, :user_id, :password, :password_confirmation
|
attr_accessible :email, :admin, :first_name, :last_name, :user_id, :password, :password_confirmation
|
||||||
validates :password, :presence => true,
|
validates :password, :presence => true,
|
||||||
:confirmation => true,
|
:confirmation => true,
|
||||||
@@ -87,42 +90,9 @@ private
|
|||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
# Added a re-usable encryption routine, shouldn't be an issue!
|
|
||||||
def encrypt_sensitive_value(val="")
|
|
||||||
aes = OpenSSL::Cipher::Cipher.new(cipher_type)
|
|
||||||
aes.encrypt
|
|
||||||
aes.key = key
|
|
||||||
aes.iv = iv if iv != nil
|
|
||||||
#self.encrypted_ssn = aes.update(self.SSN) + aes.final
|
|
||||||
#self.SSN = nil
|
|
||||||
end
|
|
||||||
|
|
||||||
def decrypt_ssn
|
|
||||||
aes = OpenSSL::Cipher::Cipher.new(cipher_type)
|
|
||||||
aes.decrypt
|
|
||||||
aes.key = key
|
|
||||||
aes.iv = iv if iv != nil
|
|
||||||
#aes.update(self.encrypted_ssn) + aes.final
|
|
||||||
end
|
|
||||||
|
|
||||||
# Should be able to just re-use the same key we already have!
|
|
||||||
def key
|
|
||||||
raise "Key Missing" if !(KEY)
|
|
||||||
KEY
|
|
||||||
end
|
|
||||||
|
|
||||||
def iv
|
|
||||||
raise "No IV for this User" if !(self.key_management.iv)
|
|
||||||
#self.key_management.iv
|
|
||||||
end
|
|
||||||
|
|
||||||
def cipher_type
|
|
||||||
'aes-256-cbc'
|
|
||||||
end
|
|
||||||
|
|
||||||
def generate_token(column)
|
def generate_token(column)
|
||||||
begin
|
begin
|
||||||
#self[column] =
|
self[column] = Encryption.encrypt_sensitive_value(self.user_id)
|
||||||
end while User.exists?(column => self[column])
|
end while User.exists?(column => self[column])
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|||||||
@@ -1 +1,3 @@
|
|||||||
ACCESS_TOKEN_SALT = "S4828341189aefiasd#ASDF"
|
ACCESS_TOKEN_SALT = "S4828341189aefiasd#ASDF"
|
||||||
|
|
||||||
|
RG_IV = "PPKLKAJDKGHALDJL482823458028"
|
||||||
@@ -0,0 +1,36 @@
|
|||||||
|
module Encryption
|
||||||
|
|
||||||
|
# Added a re-usable encryption routine, shouldn't be an issue!
|
||||||
|
def self.encrypt_sensitive_value(val="")
|
||||||
|
aes = OpenSSL::Cipher::Cipher.new(cipher_type)
|
||||||
|
aes.encrypt
|
||||||
|
aes.key = key
|
||||||
|
aes.iv = iv if iv != nil
|
||||||
|
new_val = aes.update("#{val}") + aes.final
|
||||||
|
Base64.strict_encode64(new_val).encode('utf-8')
|
||||||
|
end
|
||||||
|
|
||||||
|
def self.decrypt_sensitive_value(val="")
|
||||||
|
aes = OpenSSL::Cipher::Cipher.new(cipher_type)
|
||||||
|
aes.decrypt
|
||||||
|
aes.key = key
|
||||||
|
aes.iv = iv if iv != nil
|
||||||
|
decoded = Base64.strict_decode64("#{val}")
|
||||||
|
aes.update("#{decoded}") + aes.final
|
||||||
|
end
|
||||||
|
|
||||||
|
# Should be able to just re-use the same key we already have!
|
||||||
|
def self.key
|
||||||
|
raise "Key Missing" if !(KEY)
|
||||||
|
KEY
|
||||||
|
end
|
||||||
|
|
||||||
|
def self.iv
|
||||||
|
RG_IV
|
||||||
|
end
|
||||||
|
|
||||||
|
def self.cipher_type
|
||||||
|
'aes-256-cbc'
|
||||||
|
end
|
||||||
|
|
||||||
|
end
|
||||||
Reference in New Issue
Block a user