Ruby - encrypted_strings
- by Tom Andersen
A bit of a Ruby newbie here - should be an easy question:
I want to use the encrypted_strings gem to create a password encrypted string:
(from http://rdoc.info/projects/pluginaweek/encrypted_strings)
Question is: Everything works fine, but how come I don't need the password to decrypt the string? Say I want to store the string somewhere for a while,like the session. Is the password also stored with it? (which would seem very strange?). And no, I'm not planning on using 'secret-key' or any similar hack as a password.
I am planning on dynamically generating a class variable @@password using a uuid, which I don't store other than in memory, and can change from one running of the program to the next.
Symmetric:
>> password = 'shhhh'
=> "shhhh"
>> crypted_password = password.encrypt(:symmetric, :password => 'secret_key')
=> "qSg8vOo6QfU=\n"
>> crypted_password.class
=> String
>> crypted_password == 'shhhh'
=> true
>> password = crypted_password.decrypt
=> "shhhh"