Cryptosystem is a Ruby library facilitating simple encryption and decryption with asymmetric cryptography (or public-key cryptography). At this time, only RSA is supported.
In your Gemfile, include the cryptosystem gem and then bundle install.
gem 'cryptosystem'In order to encrypt and decrypt, a public and private key must be generated.
$ openssl genrsa -out private.key
$ openssl rsa -in private.key -pubout > public.pubCryptosystem must know the path and password to your private key as well as the path to your public key.
# config/initializers/cryptosystem.rb
Cryptosystem::RSA.configure do |config|
config.password = ENV['secret-password']
config.private_key_path = 'path/to/private.key'
config.public_key_path = 'path/to/public.pub'
endConfiguration options may also be passed in or overridden when instantiating a new object.
config = {
password: ENV['secret-password'],
private_key_path: 'path/to/private.key',
public_key_path: 'path/to/public.pub'
}
rsa = Cryptosystem::RSA.new(config)After generating a key pair and properly configuring Cryptosystem, encryption is straightforward.
rsa = Cryptosystem::RSA.new
rsa.encrypt('secret') # => "JxpuhTpEqRtMLmaSfaq/X6XONkBnMe..."The encrypted value is Base64 encoded, making it suitable for database storage.
Decrypting is as simple as passing in an encrypted, Base64 encoded value.
rsa = Cryptosystem::RSA.new
encrypted_value = rsa.encrypt('secret') # => "Y8DWJc2/+7TIxdLEolV99XI2sclHuK..."
rsa.decrypt(encrypted_value) # => "secret"Special thanks to @jedspurg for the inspiration for this project.