Encrypt, decrypt using Rails
You mean this one? ActiveSupport::MessageEncryptor. Here is the way to reuse the secret of a Rails 5+ application on Ruby 2.4+:
crypt = ActiveSupport::MessageEncryptor.new(Rails.application.secrets.secret_key_base[0..31])
encrypted_data = crypt.encrypt_and_sign('my confidential data')
And encrypted data can be decrypted with:
decrypted_back = crypt.decrypt_and_verify(encrypted_data)
The above example uses the first 32 characters of the Rails app secret as the encryption and signing key, because the default MessageEncryptor cipher aes-256-gcm requires exactly a 256-bit key. By convention, during the app creation, Rails generates a secret as a string of 128 hex digits.
Important! Ruby 2.4 upgrade note
Before Ruby 2.4 and Rails 5 there was no key size restriction and it was popular to just pass the full secret into the encryptor initializer:
# pre-2.4
crypt = ActiveSupport::MessageEncryptor.new(Rails.application.secrets.secret_key_base)
Internally the encryption algorithm (AES256GCM provided by OpenSSL) was using only 32 characters from the key, however the signing algorithm (SHA1) was consuming all 128 characters.
Therefore, while upgrading an app from pre-2.4 Ruby, and where the app previously encrypted the data with an unrestricted key size, the MessageEncryptor must get a full secret in the second parameter to avoid ActiveSupport::MessageVerifier::InvalidSignature on the legacy data decryption:
# post-2.4 upgrade
crypt = ActiveSupport::MessageEncryptor.new(Rails.application.secrets.secret_key_base[0..31], Rails.application.secrets.secret_key_base)
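Added example (not part of the answer above and not Rails' own code): using only Ruby's standard OpenSSL library, it shows the 32-byte key check described above and derives an aes-256-gcm key from the whole secret with PBKDF2 instead of slicing 32 hex characters, which carry only 128 bits of entropy. SECRET, the salt, the iteration count and the helper names are assumptions made for the illustration.

```ruby
require "openssl"
require "securerandom"

# Constructed stand-in for secret_key_base: 128 hex digits (assumption).
SECRET = SecureRandom.hex(64)

# True when OpenSSL accepts the candidate as an aes-256-gcm key (exactly 32 bytes).
def accepts_key?(candidate)
  OpenSSL::Cipher.new("aes-256-gcm").encrypt.key = candidate
  true
rescue ArgumentError
  false
end

# Stretch the whole secret into 32 bytes. Salt and iterations are illustrative.
def derive_key(secret, salt: "example encryption salt", iterations: 65_536)
  OpenSSL::PKCS5.pbkdf2_hmac(secret, salt, iterations, 32, OpenSSL::Digest.new("SHA256"))
end

# Encrypt with a fresh random IV per message; returns [iv, auth_tag, ciphertext].
def seal(key, plaintext)
  cipher = OpenSSL::Cipher.new("aes-256-gcm").encrypt
  cipher.key = key
  iv = cipher.random_iv
  cipher.auth_data = ""
  ct = cipher.update(plaintext) + cipher.final
  [iv, cipher.auth_tag, ct]
end

# Decrypt and verify the GCM tag; raises OpenSSL::Cipher::CipherError on mismatch.
def open_sealed(key, iv, tag, ciphertext)
  cipher = OpenSSL::Cipher.new("aes-256-gcm").decrypt
  cipher.key = key
  cipher.iv = iv
  cipher.auth_tag = tag
  cipher.auth_data = ""
  (cipher.update(ciphertext) + cipher.final).force_encoding(Encoding::UTF_8)
end

# True when decryption rejects the message because the tag check fails.
def tampered?(key, iv, tag, ciphertext)
  open_sealed(key, iv, tag, ciphertext)
  false
rescue OpenSSL::Cipher::CipherError
  true
end
```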
Encryption-Decryption in Rails
SHA1 is a one-way function; you can't reverse it.
This may be of interest re password resets:
http://www.binarylogic.com/2008/11/16/tutorial-reset-passwords-with-authlogic/
If you want to do encryption/decryption then you should use something like AES. Once you start using encryption/decryption, however, you'll also have to start worrying about key management too.
Regarding your comment to the OP below - if you are going to be storing CC info, I would advise you get a security person in who knows about crypto, key management etc and who also understands the relevant legal and regulatory aspects.
Easiest and fastest way to encrypt/decrypt in Rails?
Why not put it in the session? Then it will be part of the encrypted cookie / in your session store.
You can set the value with session[:message] = "my message" and get it with session[:message].
Java encryption / decryption to Ruby
You need to use the IV and Key from your Java Example, not a new/random IV/Key:
require "openssl"
require "base64"
include Base64

plain_text = "abceeffslaj"
# Key and IV taken from the Java example so both sides work on the same values
key = 'Bar12345Bar12345'
iv = 'RandomInitVector'

# Encrypt with AES-128 in CBC mode
cipher = OpenSSL::Cipher::AES128.new(:CBC)
cipher.encrypt
cipher.key = key
cipher.iv = iv
cipher_text = cipher.update(plain_text) + cipher.final

# Decrypt with a fresh cipher object using the same key and IV
cipher = OpenSSL::Cipher::AES128.new(:CBC)
cipher.decrypt
cipher.key = key
cipher.iv = iv
decrypted_plain_text = cipher.update(cipher_text) + cipher.final

# Binary values are Base64-encoded for printing
puts "AES128 in CBC mode"
puts "Key: " + urlsafe_encode64(key)
puts "Iv: " + urlsafe_encode64(iv)
puts "Plain text: " + plain_text
puts "Cipher text: " + urlsafe_encode64(cipher_text)
puts "Decrypted plain text: " + decrypted_plain_text