Epithet
Epithet generates stable, compact, purposefully prefixed base58 identifiers from 64-bit integers for reversible obfuscation and tamper detection.
Installation
Add to your Gemfile:
gem 'epithet'
Or install directly:
gem install epithet
Usage
With EPITHET_PASSPHRASE=example_only:
require 'epithet'
def epithet_initialize
Epithet.configure(
passphrase: ENV.fetch('EPITHET_PASSPHRASE'),
scrypt: { salt: 'myapp/production' },
context: 'v1'
)
end
epithet_initialize
user_epithet = Epithet.new('user')
id = 42
param = user_epithet.encode(id)
# => "user_GikJf7Y58t5sgqJpifjgZy"
user_epithet.decode(param)
# => 42
Configuration once at initialisation is recommended, because deriving key material from the passphrase uses scrypt, and is consequently expensive. The context: is optional; this parameter is included when deriving the subkey material for obfuscating and tamper resistance, and support purpose separation such as key rotation. The scrypt step is seasoned by a salt, which defaults to a fixed constant; set an application-specific salt, as in the example above, so that two applications inadvertently sharing a passphrase never derive the same keys.
Refer to the Epithet rdoc for the full set of configuration options.
Note that decode returns nil when authentication fails, and raises Epithet::FormatError (an ArgumentError) on invalid formats.
Development
Install dependencies and run tests:
bundle install
rake test
Contributing
Bug reports and pull requests are welcome on GitHub at https://github.com/inopinatus/epithet.
Security considerations
See SECURITY.md.
License
The gem is available as open source under the terms of the MIT License.