TINFM meaning „there is no fine manual“, of course. Just as with digest
, Ruby’s openssl documentation is missing just the bits you’ll need to get started. In order to encrypt or decrypt something, you’ll first need to instantiate the approriate cipher:
require 'openssl' cipher = OpenSSL::Cipher::Cipher.new NAME_OF_CIPHER
So how do I know the name of the cipher if it’s not documented? You’ll need to refer to the OpenSSL documentation, or refer to this handy list:
base64 | Base 64 |
bf-cbc | Blowfish in CBC mode |
bf | Alias for bf-cbc |
bf-cfb | Blowfish in CFB mode |
bf-ecb | Blowfish in ECB mode |
bf-ofb | Blowfish in OFB mode |
cast-cbc | CAST in CBC mode |
cast | Alias for cast-cbc |
cast5-cbc | CAST5 in CBC mode |
cast5-cfb | CAST5 in CFB mode |
cast5-ecb | CAST5 in ECB mode |
cast5-ofb | CAST5 in OFB mode |
des-cbc | DES in CBC mode |
des | Alias for des-cbc |
des-cfb | DES in CBC mode |
des-ofb | DES in OFB mode |
des-ecb | DES in ECB mode |
des-ede-cbc | Two key triple DES EDE in CBC mode |
des-ede | Two key triple DES EDE in ECB mode |
des-ede-cfb | Two key triple DES EDE in CFB mode |
des-ede-ofb | Two key triple DES EDE in OFB mode |
des-ede3-cbc | Three key triple DES EDE in CBC mode |
des-ede3 | Three key triple DES EDE in ECB mode |
des3 | Alias for des-ede3-cbc |
des-ede3-cfb | Three key triple DES EDE CFB mode |
des-ede3-ofb | Three key triple DES EDE in OFB mode |
desx | DESX algorithm. |
idea-cbc | IDEA algorithm in CBC mode |
idea | same as idea-cbc |
idea-cfb | IDEA in CFB mode |
idea-ecb | IDEA in ECB mode |
idea-ofb | IDEA in OFB mode |
rc2-cbc | 128 bit RC2 in CBC mode |
rc2 | Alias for rc2-cbc |
rc2-cfb | 128 bit RC2 in CFB mode |
rc2-ecb | 128 bit RC2 in ECB mode |
rc2-ofb | 128 bit RC2 in OFB mode |
rc2-64-cbc | 64 bit RC2 in CBC mode |
rc2-40-cbc | 40 bit RC2 in CBC mode |
rc4 | 128 bit RC4 |
rc4-64 | 64 bit RC4 |
rc4-40 | 40 bit RC4 |
rc5-cbc | RC5 cipher in CBC mode |
rc5 | Alias for rc5-cbc |
rc5-cfb | RC5 cipher in CFB mode |
rc5-ecb | RC5 cipher in ECB mode |
rc5-ofb | RC5 cipher in OFB mode |
aes-[128|192|256]-cbc | 128/192/256 bit AES in CBC mode |
aes-[128|192|256] | Alias for aes-[128|192|256]-cbc |
aes-[128|192|256]-cfb | 128/192/256 bit AES in 128 bit CFB mode |
aes-[128|192|256]-cfb1 | 128/192/256 bit AES in 1 bit CFB mode |
aes-[128|192|256]-cfb8 | 128/192/256 bit AES in 8 bit CFB mode |
aes-[128|192|256]-ecb | 128/192/256 bit AES in ECB mode |
aes-[128|192|256]-ofb | 128/192/256 bit AES in OFB mode |
A list of the currently supported cipher strings, without the explanation can also be produced by calling OpenSSL::Cipher.ciphers
After you’ve instantiated the proper cipher, you tell it to either encrypt or decrypt, give it the key to use (and possibly an IV) and then pass in data using update
:
cipher.encrypt cipher.key = KEY_DATA ciphertext = cipher.update plaintext cipher.reset cipher.decrypt cipher.key = KEY_DATA plaintext = cipher.update plaintext
That’s all. Not really difficult, once you’ve pieced everything together.