cipher

v1.4.0

cipher v1.4.0 Cipher View Source

Helpers to encrypt and decrypt data.

Link to this section Summary

Functions

cipher(data)

Returns the JSON converted and encrypted version of given data

decrypt(crypted)

Returns decrypted string contained in given crypted string

encrypt(data)

Returns encrypted string containing given data string

parse(crypted)

Returns the JSON parsed data of the given crypted string, with labeled tuples: {:ok, data} or {:error, reason}

sign(url, base)

Gets signature for given base and appends as a param to url. Returns url with appended param. Given payload is contained within the signature and will be returned by validate_signature/3

sign(url, base, payload)
sign_url(url, payload \\ %{})

An URL is signed by getting a hash from it, ciphering that hash, and appending it as the last query parameter

sign_url_from_body(url, body, payload \\ %{})

The URL is signed by getting a MD5 hash from the sorted data values, ciphering that hash, and appending it as the last query parameter of the URL

sign_url_from_mapped_body(url, mapped_body, payload \\ %{})

The URL is signed by getting a MD5 hash from the sorted data values, ciphering that hash, and appending it as the last query parameter of the URL

validate_signature(ciphered, base, rest)

Decrypts ciphered, and compare with an MD5 hash got from base. Returns {:error, reason} if decryption failed, or if comparison failed. {:ok, payload} otherwise

validate_signed_body(url, body)

Validate given signed URL + body. If body is a binary, it will be validated as if signed using sign_url_from_body/2. Else it will be validated as if signed using sign_url_from_mapped_body/2

validate_signed_url(url)

Validate given signed URL

Link to this section Functions

Link to this function cipher(data) View Source

Returns the JSON converted and encrypted version of given data:

%{"hola": " qué tal クソ"}
|> Cipher.cipher  # "qW0Voj3h4nglx4NPy8aLXVY5ze5V3OBu5IoaQTMUUbU%3D"
|> Cipher.parse  #  {:ok, %{"hola" => " qué tal クソ"}}
Link to this function decrypt(crypted) View Source

Returns decrypted string contained in given crypted string

  "secret"
  |> Cipher.encrypt  # "KSHHdx0uyveYGY5PHqLAKw%3D%3D"
  |> Cipher.decrypt  # "secret"

Returns {:error, "Could not decode string 'yourstring'..."} if it failed in the first stage of decryption (unescaping and decoding given string). That means someone tampered your crypted data, or maybe the crypted string was not transferred properly.

Returns {:error, "Could not decrypt string 'yourstring'..."} if it failed in the last stage, the decryption itself. Usually means your decryption keys are not the same that were used to encrypt. But may also be some cases were a tampered or wrongly transferred string can be actually unescaped and decoded successfully. They will fail in the decryption stage.

Link to this function encrypt(data) View Source

Returns encrypted string containing given data string

  "secret"
  |> Cipher.encrypt  # "KSHHdx0uyveYGY5PHqLAKw%3D%3D"
  |> Cipher.decrypt  # "secret"
Link to this function parse(crypted) View Source

Returns the JSON parsed data of the given crypted string, with labeled tuples: {:ok, data} or {:error, reason}

  %{"hola": " qué tal クソ"}
  |> Cipher.cipher  # "qW0Voj3h4nglx4NPy8aLXVY5ze5V3OBu5IoaQTMUUbU%3D"
  |> Cipher.parse  #  {:ok, %{"hola" => " qué tal クソ"}}
Link to this function sign(url, base) View Source

Gets signature for given base and appends as a param to url. Returns url with appended param. Given payload is contained within the signature and will be returned by validate_signature/3.

Be aware that payload must be a Map, and that some keys, such as md5 or deny, will be used internally. Keep things namespaced in there and there will be no collisions.

Link to this function sign(url, base, payload) View Source
Link to this function sign_url(url, payload \\ %{}) View Source

An URL is signed by getting a hash from it, ciphering that hash, and appending it as the last query parameter.

  "/bla/bla?p1=1&p2=2"
  |> Cipher.sign_url  # "/bla/bla?p1=1&p2=2&signature=4B6WOiuD9N39K7p%2BnqNIljGh5F%2F%2BnHRQGZC9ih%2Bh%2BHGZc8Tz0KdRJXC%2B5M%2B8%2BHZ2mAXPh3jQcSRieTq4dGm5Ng%3D%3D"
Link to this function sign_url_from_body(url, body, payload \\ %{}) View Source

The URL is signed by getting a MD5 hash from the sorted data values, ciphering that hash, and appending it as the last query parameter of the URL.

Link to this function sign_url_from_mapped_body(url, mapped_body, payload \\ %{}) View Source

The URL is signed by getting a MD5 hash from the sorted data values, ciphering that hash, and appending it as the last query parameter of the URL.

The given mapped_body must be a map.

Link to this function validate_signature(ciphered, base, rest) View Source

Decrypts ciphered, and compare with an MD5 hash got from base. Returns {:error, reason} if decryption failed, or if comparison failed. {:ok, payload} otherwise.

Link to this function validate_signed_body(url, body) View Source

Validate given signed URL + body. If body is a binary, it will be validated as if signed using sign_url_from_body/2. Else it will be validated as if signed using sign_url_from_mapped_body/2.

{:ok, payload} or {:error, reason} are returned.

Link to this function validate_signed_url(url) View Source

Validate given signed URL.

  "/bla/bla?p1=1&p2=2&signature=4B6WOiuD9N39K7p%2BnqNIljGh5F%2F%2BnHRQGZC9ih%2Bh%2BHGZc8Tz0KdRJXC%2B5M%2B8%2BHZ2mAXPh3jQcSRieTq4dGm5Ng%3D%3D"
  |> Cipher.validate_signed_url  # {:ok, %{"md5" => "86e359da7ab4886f3525ac2b9c5edc5b  613146"}}

{:ok, payload} or {:error, reason} are returned.