This example clearly shows why in the other thread the question was 
raised regarding hiding the key in a C extention.  As-is anybody would 
easily be able to decrypt.  And if you have an algoritm that builds the 
key into part of the encrypted string somebody could easily digest the 
algorithm and extract the key from the encrypted string.  Am I missing 
something in general about cryptography?  I admit I need to read up more 
in this area.

Aleks Kissinger wrote:
> OpenSSL can be used as a general-purpose crypto lib.  Theres a good
> example of using a plain symmetric cipher in the ruby 1.8.4 source, in
> samples/openssl/crypt.rb:
> 
> ************************
> #!/usr/bin/env ruby
> require 'openssl'
> 
> text = "abcdefghijklmnopqrstuvwxyz"
> key = "key"
> alg = "DES-EDE3-CBC"
> #alg = "AES-128-CBC"
> 
> puts "--Setup--"
> puts %(clear text:    "#{text}")
> puts %(symmetric key: "#{key}")
> puts %(cipher alg:    "#{alg}")
> puts
> 
> puts "--Encrypting--"
> des = OpenSSL::Cipher::Cipher.new(alg)
> des.encrypt(key) #, "iv12345678")
> cipher =  des.update(text)
> cipher << des.final
> puts %(encrypted text: #{cipher.inspect})
> puts
> 
> puts "--Decrypting--"
> des = OpenSSL::Cipher::Cipher.new(alg)
> des.decrypt(key) #, "iv12345678")
> out =  des.update(cipher)
> out << des.final
> puts %(decrypted text: "#{out}")
> puts
> ***************************
> 
> On 8/30/06, William Crawford <wccrawford / gmail.com> wrote:
>> Timothy Goddard wrote:
>> > OpenSSL?
>>
>> I think he actually means for -storing- credit cards.  I highly
>> reccommend you do NOT do this.  Or at least tell me what the website is,
>> so I never shop there.
>>
>> Is this what you are looking for?  http://rubyforge.org/projects/crypt/
>>
>> -- 
>> Posted via http://www.ruby-forum.com/.
>>
>>
>