Created
May 16, 2017 18:19
-
-
Save treble37/55459f5f0f218ab9b5ebe74b325f4a41 to your computer and use it in GitHub Desktop.
Ruby AES Encryption using OpenSSL
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env ruby | |
require "openssl" | |
require 'digest/sha2' | |
require 'base64' | |
# We use the AES 256 bit cipher-block chaining symetric encryption | |
alg = "AES-256-CBC" | |
# We want a 256 bit key symetric key based on some passphrase | |
digest = Digest::SHA256.new | |
digest.update("symetric key") | |
key = digest.digest | |
# We could also have just created a random key | |
# key = OpenSSL::Cipher::Cipher.new(alg).random_key | |
# For security as part of the encryption algorithm, we create a random | |
# initialization vector. | |
iv = OpenSSL::Cipher::Cipher.new(alg).random_iv | |
# Example, we debug output our key in various formats | |
puts "Our key" | |
p key | |
# Base64 the key | |
puts "Our key base 64" | |
key64 = [key].pack('m') | |
puts key64 | |
# Base64 decode the key | |
puts "Our key retrieved from base64" | |
p key64.unpack('m')[0] | |
raise 'Key Error' if(key.nil? or key.size != 32) | |
# Now we do the actual setup of the cipher | |
aes = OpenSSL::Cipher::Cipher.new(alg) | |
aes.encrypt | |
aes.key = key | |
aes.iv = iv | |
# Now we go ahead and encrypt our plain text. | |
cipher = aes.update("This is line 1\n") | |
cipher << aes.update("This is some other string without linebreak.") | |
cipher << aes.update("This follows immediately after period.") | |
cipher << aes.update("Same with this final sentence") | |
cipher << aes.final | |
puts "Our Encrypted data in base64" | |
cipher64 = [cipher].pack('m') | |
puts cipher64 | |
decode_cipher = OpenSSL::Cipher::Cipher.new(alg) | |
decode_cipher.decrypt | |
decode_cipher.key = key | |
decode_cipher.iv = iv | |
plain = decode_cipher.update(cipher64.unpack('m')[0]) | |
plain << decode_cipher.final | |
puts "Decrypted Text" | |
puts plain | |
' | |
# aes encode a file into another file. | |
File.open("foo.enc","w") do |enc| | |
File.open("foo") do |f| | |
loop do | |
r = f.read(4096) | |
break unless r | |
cipher = aes.update(r) | |
enc << cipher | |
end | |
end | |
enc << aes.final | |
end | |
' | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
syntax changed. now it's
OpenSSL::Cipher.new