Merge pull request #1 from securenative/dev

inbaltako · web-flow · commit 026f0e0f3123 · 2019-09-10T15:13:40.000+03:00
Encrypt/Decrypt
diff --git a/lib/securenative/config.rb b/lib/securenative/config.rb
@@ -6,4 +6,6 @@ module Config
     TRACK_EVENT = "/track"
     VERIFY_EVENT = "/verify"
     FLOW_EVENT = "/flow"
+    CIPHER_SIZE = 256
+    AES_BLOCK_SIZE = 32
 end
diff --git a/lib/securenative/utils.rb b/lib/securenative/utils.rb
@@ -1,7 +1,10 @@
+require_relative 'config'
+require "logger"
 require "base64"
 require "json"
 require 'openssl'
 
+
 module Utils
   def self.verify_signature(secret, text_body, header_signature)
     begin
@@ -38,4 +41,34 @@ def self.parse_cookie(cookie = nil)
       return fp, cid
     end
   end
+
+  def self.encrypt(plain_text, key)
+    cipher = OpenSSL::Cipher::AES.new(Config::CIPHER_SIZE, :CBC).encrypt
+    cipher.padding = 0
+
+    if plain_text.size % Config::AES_BLOCK_SIZE != 0
+      logger = Logger.new(STDOUT)
+      logger.level = Logger::WARN
+      logger.fatal("data not multiple of block length")
+      return nil
+    end
+
+    key = Digest::SHA1.hexdigest key
+    cipher.key = key.slice(0, Config::AES_BLOCK_SIZE)
+    s = cipher.update(plain_text) + cipher.final
+
+    s.unpack('H*')[0].upcase
+  end
+
+  def self.decrypt(encrypted, key)
+    cipher = OpenSSL::Cipher::AES.new(Config::CIPHER_SIZE, :CBC).decrypt
+    cipher.padding = 0
+
+    key = Digest::SHA1.hexdigest key
+    cipher.key = key.slice(0, Config::AES_BLOCK_SIZE)
+    s = [encrypted].pack("H*").unpack("C*").pack("c*")
+
+    rv = cipher.update(s) + cipher.final
+    return rv.strip
+  end
 end
diff --git a/test/test_utils.rb b/test/test_utils.rb
@@ -25,4 +25,24 @@
     expect(cookie[0]).to be_empty
     expect(cookie[1]).to be_empty
   end
+
+  it "encrypt text" do
+    plain_text = "Some random plain text for  test"
+    key = "6EA4915349C0AAC6F6572DA4F6B00C42DAD33E75"
+    encrypted = "B8D770D0F7388EC3DF62B0097C36C05CAB03E934F2E2760536004F87FE11644C"
+
+    res = Utils.encrypt(plain_text, key)
+    expect(res).to_not be_empty
+    expect(res).to eq(encrypted)
+  end
+
+  it "decrypt text" do
+    encrypted_text = "B8D770D0F7388EC3DF62B0097C36C05CAB03E934F2E2760536004F87FE11644C"
+    decrypted = "Some random plain text for  test"
+    key = "6EA4915349C0AAC6F6572DA4F6B00C42DAD33E75"
+
+    res = Utils.decrypt(encrypted_text, key)
+    expect(res).to_not be_empty
+    expect(res).to eq(decrypted)
+  end
 end
