superclass=Object
type=class
library=openssl
extended=
included=

̸ŹΤݲ줿󥿡ե󶡤륯饹Ǥ

ŪˤΥ饹ľܻȤäƥǡŹ沽뤳Ȥ
򤱤Ƥ̾Ϥʥ󥿡եѲǽ
ϤǤɬפʤΤϰŹ楢르ꥺꤹ뤿 
[[m:OpenSSL::Cipher.new]] ǰŹ楪֥Ȥ뤳ȤǤ礦

⤷Υ饹ľѤưŹ沽ϡŹθ
IV(Initialization Vector)μ갷ˤĤ򤷤Ƥ
Ƥ

ʲμѤޤ
  * [[m:OpenSSL::Cipher.new]]  [[m:OpenSSL::Cipher::AES256.new]] 
    ʤɤǰŹ楪֥Ȥ
  * [[m:OpenSSL::Cipher#encrypt]], [[m:OpenSSL::Cipher#decrypt]] 
    Ź桢Τ򤹤뤫ꤹ
  * [[m:OpenSSL::Cipher#key=]], [[m:OpenSSL::Cipher#iv=]], 
    [[m:OpenSSL::Cipher#random_key]], [[m:OpenSSL::Cipher#random_iv]] ʤɤ
     IV(initialization vector) ꤹ
  * [[m:OpenSSL::Cipher#update]], [[m:OpenSSL::Cipher#final]] 
    Ź沽/沽򤹤


ruby 1.8.3  Cast5  Idea  CAST5  IDEA ˲̾ޤ

=== ֥åŹ⡼
AES Τ褦ʥ֥åŹǤϰŹ򤹤ݤ
⡼ɤꤹɬפޤΥ饤֥Ǥ
ʲΤ褦ʸǥ⡼ɤǤޤ
  * "CBC"
  * "CFB"
  * "ECB"
  * "OFB"
ʸΰ̣
[[ref:lib:openssl#references]] ʤɤĴ٤Ƥ
AES Ѥ硢̾ CBC ѤɤǤ礦
ˤäƤϰ꤬ΤǵĤƤ


=== 
  require 'openssl'
  
  # Ź沽ǡ
  data = "*secret data*"
  # ѥ
  pass = "**secret password**"
  # salt
  salt = OpenSSL::Random.random_bytes(8)
  
  # Ź沽
  enc = OpenSSL::Cipher.new("AES-256-CBC")
  enc.encrypt
  # IV(Initialize Vector) PKCS#5 ˽äƥѥɤ salt 
  key_iv = OpenSSL::PKCS5.pbkdf2_hmac_sha1(pass, salt, 2000, enc.key_len + enc.iv_len)
  key = key_iv[0, enc.key_len]
  iv = key_iv[enc.key_len, enc.iv_len]
  # IVꤹ
  enc.key = key
  enc.iv = iv
  
  # Ź沽
  encrypted_data = ""
  encrypted_data << enc.update(data)
  encrypted_data << enc.final
  
  p encrypted_data
  
  # 沽
  dec = OpenSSL::Cipher.new("AES-256-CBC")
  dec.decrypt
  
  # IVꤹ
  dec.key = key
  dec.iv = iv
  
  # 沽
  decrypted_data = ""
  decrypted_data << dec.update(encrypted_data)
  decrypted_data << dec.final
  
  p decrypted_data
